So you have a Facebook account, right? And you use Google Mail, right? Good, then this is for you. It’s just recently become possible for you to sign into Facebook automagically, i.e. without entering your Facebook username and password, just because you’re already signed into GMail. It’s full of win.
The wholesomeness that allows this to happen is called OpenID, which is a powerful technology that you probably want to start paying attention to. It allows you to use one online identity on many different websites, and it keeps you from having to give your password to the sites you use. Basically, it offers:
- Convenience: faster registration on new sites: get setup in seconds
- Simplicity: a single username and password to remember
- Security: you don’t give websites your password
If you’re interested in more details, I just finished a piece on web auth technologies here, but the point is that OpenID is blowing up. Everyone’s getting into it: Google, Yahoo, Facebook, Verisign…everyone. The big players who aren’t there now will be soon.
Facebook + Google = OpenID
So, two of the companies that are embracing OpenID the most are Facebook and Google, but in different roles. Within the OpenID system you can be an Identity Provider (someone that websites trust to provide authenticated users), or a Relying Party (a website that has services and wants to accept users from an Identity Provider).
Well, Google is now the behemoth of Identity Providers, and Facebook is now the Grand Pubah of OpenID Relying Parties. It’s a phenomenal combination for users. In other words, Facebook is saying to the world:
We accept Google users as valid users, so if you show up to Facebook and you’re already signed into Google, you’re considered legitimate to us, and we don’t need to authenticate you further.
So here’s how to get going–in like two minutes. First, sign into Facebook normally–using your Facebook username and password–and go to your Settings. On the default, left-most tab you’ll have a section called “Linked Accounts”. Click “Change” there to add an account.
Select “Google” from the pull down menu and you’ll be asked to allow Facebook and Google to interact. Once you’ve authorized the connection your two accounts are linked! Now sign out of Facebook (but stay logged in to your Google account) and then go to the Facebook homepage. You’ll see some trickery taking place in the URL bar, and then you’ll be logged into Facebook without having to enter anything!
The way this works is just like when you enter an OpenID identity manually on a site: you’re getting transparently redirected to the OpenID provider (Google, in this case) where Facebook confirms that you’re already logged in and subsequently lets you into the site.
The only difference is, instead of you providing an OpenID through a login form, Facebook already knows where to redirect you based on the previous “Linked Accounts” step.
Notice that you can also add a number of other account links as well, including various OpenID providers, and Yahoo! My favorite, however, is Verisign PIP, because it allows me to use two-factor authentication to access my OpenID provider.
Anyway, enjoy your new transparent login to Facebook through Google, and keep your eye out for more OpenID developments around the web. ::