1037 ? Be careful HOW you login: Tom talks Slick Signups

SUMMARY BY CHATGPT

Main Idea
The episode warns against using social logins (e.g., “Sign in with Facebook/Google”) because while they’re convenient, they create serious security and privacy risks.
________________________________________
Key Points
• Guest: Larry Guerrera (Tom’s tech expert and podcast editor).
• Topic: Pros and cons of social logins.
Pros of social logins:
• Convenient — one set of credentials can access many sites.
• Safer in one sense: you’re not directly sharing your password with each site, just an access key.
Cons of social logins:
• Single point of failure: If you lose or forget your Facebook/Google credentials, you lose access to every connected site.
• Data breaches: If the social platform is hacked (like Facebook leaks), attackers could gain access to your linked accounts.
• Privacy risks: Data may be shared with third parties, increasing exposure.
• Financial danger: If tied to banking or shopping sites, credentials can compromise sensitive financial information.
Better practices:
• Use unique logins for each site (keep accounts “siloed”).
• Use password managers (RoboForm, 1Password, LastPass) or a paper/pen system with encryption tricks.
• Create strong, salted passwords (adding special characters, using confusing substitutions like l vs 1, O vs 0).
• Avoid simple or guessable passwords (names, birthdays, “123456,” “password”).
If already using social logins:
• Slowly unwind them site by site.
• Start with financial accounts first (banks, shopping sites with stored cards).
• Switch to standard username/email + password logins.
• Do the process on desktop first, then update mobile logins.
________________________________________
Closing Notes
• The inconvenience of creating separate accounts is worth the long-term security benefits.
• Tom emphasizes his mentor program and internet marketing school as safe ways to learn and succeed online.
• Message: Avoid social logins—choose security over convenience.

===

Episode 1037 – Slick Signups
[00:00:08] Welcome to Screw the Commute. The entrepreneurial podcast dedicated to getting you out of the car and into the money, with your host, lifelong entrepreneur and multimillionaire, Tom Antion.

[00:00:24] Hey everybody! It's Tom here with episode 1037 of Screw The Commute podcast. Today we're going to talk about slick signups, or not. This could get you into deep doo doo if you sign up easily, and you'll see what we're talking about here when we bring our super duper guest on. All right, I hope you didn't miss episodes 1035 and 1036. That was part one and part two of teleprompters. So this can really change your video life being able to just spit out long you know, videos. I know everybody's crazy about short ones, but. You know, there's I watch some of them. They're 45 minutes long on, uh, on YouTube. And that can really up your income from YouTube with, uh, listen time and so forth or watch time. All right. Uh, pick up a copy of our automation book at screwthecommute.com/automatefree. Pick up version 3.0, in case you have the older version 2.0. And check out my mentor program at GreatInternetMarketingTraining.com. And my school at IMTCVA.org. It's the only licensed, dedicated, internet and digital marketing school in the country, probably the world, and certified to operate by SCHEV, the State Council on Higher Education in Virginia. But you don't have to be in Virginia because it's distance learning, and it will probably save you and your family a couple hundred thousand dollars from getting indoctrinated at some four year college. So how about that?

[00:01:58] All right. We got a special guest here today. Larry Guerrera is here, and he is my right hand guy. That keeps all these podcasts looking good, all the websites looking good and fighting with all the tech idiots when they, give us hassles and he figures stuff out and makes things work, and he's got, I say he's got more certifications than, I don't know the number of calories I eat per hour, so I don't know. Hey, Larry, how you doing?

[00:02:34] After that intro, I really don't have much to say, but I gotta say, when you say 1000 following followed by a few numbers, it's mind boggling. We have gone this far in the number of episodes.

[00:02:49] Yeah. You've put everyone up and I've edited everyone. Yeah. So yeah. And we're one of the few, uh, in the world. I think there's only been 7000 out of like 3 or 4 million podcasts that ever exceeded.

[00:03:02] I mean, really, it's actually a fraction of a percent. We are in the elite, the rarefied atmosphere of podcasts.

[00:03:09] There you go. So that's why we're so rich and have yachts and all this stuff. Oh, yeah. Yeah. All right, so, uh, what we're talking about today, folks, is when you go to sign in to different, uh, places and online services and this and that, a lot of times they say, hey, um, just sign in with Facebook or sign in with Google or sign in with, I don't know, for with your bathroom code, I don't know. There's all kinds of ways they do it. But Larry's here to tell you why. That's probably not a good idea, even though it's convenient. So, Larry, go ahead and take it away.

[00:03:46] All right. Very good. Let me start with the word convenience. It is very much a convenient practice. And what we're talking about here, when you see these things brought up in your social feeds or in the news or whatever, we're talking about a social login. That's the phrase that's used for what we're talking about today. Social login means you are using a social network of some sort to log into another third party website. It could be anything. It doesn't really matter. But if the website offers you username and password, sign in with Facebook, sign in with Google, sign in with Instagram, or sign in with some other service you are using a social login. Okay, so what Tom wants me to talk about is the pros and cons of such a thing. There are definitely pros to this, no question about it. But unfortunately there's far more cons. But let me start off with the pros. For those of you that are using social logins right now. So the way this works in practice when you do a social login, like sign with Facebook, sign with Google. And by the way, signing in with Facebook seems to be the the most popular way to do this. So why is that? Because there's a bazillion people on Facebook and it's so convenient. Makes it nice and easy to be able to do that.

[00:05:06] So how does this work? So when you use social login to access your favorite website, when they offer you this option, you are not giving them your password. You are not giving them your user ID. So in effect, that kind of protects you in case there's a breach of some sort on that website or the company gets breached, or there's some kind of data hack, you're not technically exposed because you haven't shared anything with them. Okay. So that's the pro and that is definitely a pro. So when you sign in with Facebook or Google or any of the other services, it will give you what's called an access key. Technically it's an API key which stands for Application Program Interface. But you don't have to worry about that. It's a different key that allows you to access the website. And that's all the website knows, is that this key came from, for example, Facebook. So they allow you to log in as if you logged in as you normally would, with the username and password and all that good stuff. What's good about this is that you could use multiple sites to log into using this exact same method. So all you need to remember in essence is your Facebook user ID and your Facebook password, or your Google ID and your Google password, and so on and so on.

[00:06:22] That's all great and wonderful. So that's the pro. So like I said, there are pros to this. However, uh, nature abhors a vacuum. So if there's a pro, there's gotta be a con to this somewhere. And certainly with social logins, there are advantages and disadvantages. So what's a disadvantage or con of doing it this way. Okay. So the first one has to do with you personally. Uh, I'm really good at this tech stuff, but even I have a lapse in memory. Not 100% perfect. Heaven forbid you were to forget or lose your Facebook username and or password, because if you do that, not only you're not getting into Facebook, but you're not getting into all of those other sites that you logged in with Facebook or Google or any of the others, any of the other social login networks. So that's one problem. Now, there are ways to mitigate that, like write down your username and password. I follow Tom's method when it comes to calendars, and I use this for a lot of other things. Tom has a very special calendar. It never needs recharging, never needs new batteries, does not need Wi-Fi or a cell connection. In fact, his is almost miraculous.

[00:07:41] Doesn't crash either.

[00:07:42] And it never crashes. Doesn't have to be rebooted either.

[00:07:46] You could light it on fire. I guess that's what you could.

[00:07:49] However, even from the ashes, you could kind of glean what your next event is. It's called a paper calendar. He uses paper and pencil slash pen to record his stuff. Now I realize that not everybody can do that. But think about that. The only way somebody's going to hack Tom to get his information is if he breaks into his house, finds the calendar, actually knows if he uses a calendar, finds it, rifles through it, and finds what he needs.

[00:08:15] Everybody kind of knows that. I do it now that you just told him.

[00:08:18] Yeah, that's okay though.

[00:08:20] I've told him a hundred times, but exactly. But keep in mind, folks, I'm not, uh, I still use some, uh, password online, uh, things for passwords, because I have hundreds and hundreds of them, but for calendars. Yeah. Definitely use. And I do have some encryption ways that I use with a pencil that Larry will talk to you about a little later. So even if it's written down, somebody could find what I wrote down and still not make heads or tails of it.

[00:08:52] That that is absolutely correct. So a couple of things here. There. Uh, Tom mentioned password. Uh, well, he mentioned passwords, but in the in the guise of password management. So there are some digital ways to do this. You have things like Roboform, which Tom uses and I use for certain things. There's one pass, there's LastPass, and there's a whole bunch of them out there that provide password services. So what do those do? Those provide you with massively scrambled and encrypted passwords that you are never going to remember, but that it would be near impossible for anybody to guess. And what they do is they help you to manage those by being able to change them, logging into websites automatically. They keep them on what's called a password vault. All of them have similar functions like this. So even if somebody were to get Ahold of your credentials, there are still other things they need in order to find out what your passwords are. Uh, so these vaults are not that easy to crack and probably a lot harder to crack than a real physical vault, but that is one way that you can make this a little simpler for yourself and protect yourself. But we still go back to the social login issue in that if you forget any of these, or if you forget the one that you've been using, you could be in deep doo doo. So how do we kind of protect that? Well, you could use a password manager, as I mentioned, and Tom mentioned the encryption of ones he even writes down. And there are some very simple techniques you can use. Uh, there are some that I use as well that are very, very easy to use as well.

[00:10:26] So you could first of all, let me just say this right up front. Please do not use the word password as your password. Do not use 123456. Do not use your birth date. Do not use the name of your dog. Do not use the name of your spouse or your children because in many, many cases, a quick Google search and there's the information they're going to try next. Will they know that that's what you're using? No, but these are the common things that people try and use to make it easier for them to remember. So how do you get around that? All right. The phrase that I always use is use a password that you can never forget. Also make sure that that password can never be guessed. So what does that mean? So you could come up with a password like my password. Now I know using the word password. But if you say my password just for the heck of it, that is ten characters. Just about every website will allow you to have ten characters. They will allow you to have a lot more. But what you do is you do what's called salting your password. Now, what does that mean? Salting means you're adding stuff to either the beginning, the middle, or the end of your password that scrambles it for the most part, for everybody, unless they know exactly what you're doing. So if, let's say my password, you can add a whole bunch of characters at the end of it, like the period, I use dots. I also use question marks.

[00:11:58] I use the pound sign, which is known as the hashtag. There's a whole bunch of things you can do to end to put it at the end. Now, how do I keep it straight? So you're saying, oh, I gotta remember how many to put there. No you don't. You take the number of characters in your password, and you add the same number of a special character that you designate a period, a comma, a hashtag, uh, exclamation point at sign, whatever character is valid for the particular website that you're using. So you've made up the rules. It's going to be very difficult, if not impossible, for you to forget those rules. If you do use Tom's method pencil and paper, take that piece of paper and hide it somewhere. Somebody will have to break into your house. Find the paper if they know you even have such a thing, and take it from there. So what we're trying. It's so for the most part, it is not impossible for anybody to guess Yes. What? Your password could be on a given service. You want to make it as difficult as possible because for the most part, hackers. Hacker types. Hacker light. Hacker heavy. All these people, they want to make it as easy as possible for them. If they run into resistance. Unless. What's at the other end of that? Uh, that credential is a pot of gold. They're going to move on to the next target. You don't want to be a target. And if you are a target, you want to be as sour a target as you can psibly make yourself. So that's one way.

[00:13:25] Yeah, the other way. Um, that that I've used a lot in the past is, is certain letters online and numbers look different. So tell them about that.

[00:13:38] Oh yes. So I've run into this a lot and it even confuses me. So I'm a white hacker. And if you got these guys that are brown and black hatters, they're going to be just as confused. So take the letter L for example, or lowercase l in many fun styles. Looks like the number one. So how are you going to know? Well, you would know because you're the one that set up the password. But if you use characters like that, it will confuse somebody who's trying to guess it. Another one is an uppercase I, not a lowercase, but an uppercase. I also looks like either the number one or the letter L, so that can be throwing a little bit of confusion and obfuscation as we as we cool kids like to call it. Another one is the number zero. The number zero. Under many circumstances, looks like an uppercase O. So that being the case, don't be so hung up on making sure it's all numeric. If you can use it, throw an uppercase O in there and that will make it that much harder to figure out what your password is. So what are all these things have in common? So there's a couple of things to keep in mind. Is it practical to have everything funneled through a social login? Sure it is, because you only have to remember one thing. Does it save you time? Absolutely. Does it integrate nicely with some of these other websites and platforms? They sure do. That's why they say login with Google, login with Facebook. So I'm going to throw out the word again. However, the problem with all of this is, as I mentioned earlier, you forget that login.

[00:15:15] You just lost access to all of your other websites until you remember what your login is. But there are far more insidious and behind the scenes things that can go wrong. If there is a Facebook data leak, which there have been on multiple occasions. That information gets leaked into the dark web, and now you've got a real problem. Because if they grab your credentials before you have a chance to change it, they can now start rifling through major websites to see if yours works. So that's one problem. The second problem is that exposure makes you exposed to other vulnerabilities on the websites themselves. Once a hacker figures out, oh, this person is using a Facebook login to go to this website, they might try and hack that website and get additional information. Among others, they're going to keep going and try as many as they can get away with. The one of the other issues is privacy and security. Now we talked about the security aspect of this, but the privacy aspect goes even further. If you haven't set your Facebook account up correctly to make sure that a lot of your stuff remains private and they get your credentials, it's all bets are off. They're going to have a field day with your account and all the other accounts on on your other websites. Now, we've all had this issue. I've had this issue with Facebook. Tom has had this issue with Facebook. I've had family members who have had this issue with Facebook and other sites. In fact, the whole reason we're having this is because one of my family members actually got caught by one of these Facebook social login problems.

[00:16:52] Their credentials somehow got hacked in one of Facebook's little mini hacks that they don't talk about, and that caused a real problem for a couple of weeks. She couldn't get access to Facebook, couldn't get access to her banking accounts. Let me say that again. Banking accounts. The very last thing you want is to have something happen like this. And it's your financial accounts that get get infiltrated. That's just bad news. Bad news no matter what. So on top of all that, a lot of this data is shared with third party sites. So this is another reason why keeping your logins separate and not using social login is a much better way to do this, because all of them become what's called siloed. What? Each website is independent and on its own. If you go through a social login login, that's not the case anymore. You have one point what they call a single point of failure. If that login gets compromised, you compromise every other login you've used using that type of login, whether it's Facebook, Google, Instagram, LinkedIn or whatever, whatever it happens to be. So there are pros to this, but as you can see, there are a lot more cons and trust me when I tell you I know this is a royal pain in the butt. I can't stand having to create an account for every new website that I use, but it really is the only way to make your login as safe as possible and to protect your data, especially if it's financial in nature especially.

[00:18:26] But at the same time, you don't want anyone hacking into your account at a shoe company that you buy your favorite shoes from, or clothes that you buy, or any of the other ones. You just don't want that, because that can be a launching platform for other things which are not good. So yes, I know it's a pain, but get a notepad, get a pencil or a pen, write them down, store them away. That's one method you can use. The password managers that we discussed one. Pass, LastPass, Roboform, etc. to maintain this and to provide the ability to, uh, to make really strong encrypted passwords that you can use on all these other sites. It does take a little bit of time. There is a learning curve, but it is definitely worth it. And also not just for yourself. But keep this in mind for your relatives, your elder relatives, those in their late senior years that are still using technology but can be vulnerable and subject to this type of hacking, whether it's on the phone or whether it's online. So there's a lot to consider here. I just want you to be clear on the fact that what we're trying to do is protect you and, by extension, protecting family members by doing what's called good security practices, using logins, uh, using social logins safely. That's almost a contradiction because they're not really safe. They are convenient, I will give you that. But are they really safe? Not so much. So just be careful out there.

[00:19:55] Beautiful. Beautiful. And, folks, you got to listen to Larry, because Larry knows pain. I mean, he's got to deal with me every day. That's so, so so, uh, and also, you get to talk to Larry and Mark and, uh, Travis and Jennifer and everything. If you happen to be in my mentor program. So we, you know, you have somebody that's got a stake in your success to talk to rather than just random people that you don't know what their agenda is. So. So thanks so much, Larry. That's very informative. Like I said, the reason this came about is I asked him a while back because I have always used separate passwords because I'm skeptical and uh, and want, you know, siloed. If they hack one site, that's as far as they can get with me. But, uh, so I asked him about this, and that's how this podcast came about. So just stay away from those social organs if you're doing it now. How do they get get out of doing it if they're doing it now?

[00:20:57] Um, okay. So that's a good question. So if you want to reverse this, one of the things you can do. And again I realize this is a royal pain, but this is how you unwind this. If you've got a bunch of sites that are using login with Facebook, what you want to do is log out of that site completely, make sure you are not in there and go back in and only log in with a username and password. Now usually your username is your email address. If that is the case, that's fine. Use your email address. If you have to let it create a password for you, you can create one you're not really creating. You might have to create an account. It really depends on the website you're going to in some in many cases you don't. So you have to see how they want you to do this. But I would start just by one at a time, just reversing what you did on each of these. Very You have to make up a list of what's very critical for you, especially financial. If it's financial you that's got to go to the top of the list. Do that first. Any financial websites that you've used the social login for do not reverse all of that.

[00:22:04] Get back in there with a username and password separate from anything else. The rest of the site. You can do them after you're done with your financial, uh, with your financial sites and do the exact same thing. Just completely log out, log in this time with whatever they want as a username and a password if you have to generate one. Now this is on not just on a desktop. You need to do this on your phone or your smartphone or any type of mobile device as well. Now once you do it on the desktop, then you can carry that over onto your mobile device a lot easier, because now you already have the username and passwords that these websites want. I would only suggest do it on a desktop, because it's probably easier on the eyes for the one. For one thing too, you're at home. You can have a pad and pencil with you right there. And you can knock this down one right after the other. But please, if you have financial sites that are tied into this, please reverse that and go to go to a standard login with the username and password. No social login. Um, as they as the cool kids say for boating, no social login. Don't do that.

[00:23:10] Okay. And I would say a financial site is not just your bank. It's if you've paid, you know, given credit card information and saved on another site, I would I, I personally I don't know what Larry thinks about this, but I would consider that a financial site.

[00:23:25] So uh, yeah. Okay. So let me.

[00:23:26] Extend the definition. What I meant is financial. You are absolutely correct. I don't necessarily mean just a bank. It's anything that has a financial transaction or ability to make a financial transaction connected to it certainly.

[00:23:40] Usually don't have have this.

[00:23:42] Well but but.

[00:23:43] Banks though can transfer funds.

[00:23:45] Right. Exactly.

[00:23:46] Yeah. So that could be just as bad if not worse. So anything that you've got your credit card stored on, anything, we have a connection to a bank. Any of those could be considered, could be flagged. I would flag them as financially related. So those you should not go first and all the rest of them can follow after that. And after the first 2 or 3, you're going to see how the process goes. You'll be able to go through them much quicker, but I would strongly recommend you do that because social login and the word safety do not go together.

[00:24:18] Yeah. Like you said it's a pain. And if they make you, uh, have a new account, they might, you know, erase your history, you know, sales history from that account. I don't know, unless it's tied to your email address, which you can, uh, keep the same, but but, uh, whatever it is, uh, it's time. It's like temporary inconvenience, permanent improvement. That's my. What am I saying?

[00:24:41] Exactly right. Yes.

[00:24:43] Yes, indeed. Okey doke. So that's the story, folks. Uh, we try to keep you safe here and teach you how to, do great things online. And Larry is a big part of this organization that can. That'll help you. So check out my mentor program, GreatInternetMarketingTraining.com where you can have one on one time with me, Larry, the whole staff whenever you have problems. And, my school IMTCVA.org, is the only licensed dedicated internet and digital marketing school in the country. And I told you about SCHEV. You know, we had to go through three years of licensing just to get the license of this, this and a lot of things that you see online called universities and schools have no, uh, scrutiny whatsoever. They can just say whatever they want. But, I mean, I have to recertify every year and they do spot checks and they look at your curriculum. And I mean, it's just a lot of stuff in financial background and background checks and everything else. So, so it's something that can give you a high you or your one of your loved ones a super high in demand skill in as little as six months, and we actually have people making money before they graduate because that's, uh, that's how powerful and in demand this skill is. And you won't be in debt for, uh, you know, 50 years afterwards. So. So there you go. So thanks, Larry, for coming on.

[00:26:08] Oh, my pleasure. I'm glad we got this message across. And I just hope people take this to heart and start getting themselves in a more secure place, because we want people to be safe being online. We want them to use the internet safely, be safe out there and make sure they get their stuff done and have confidence that what they're doing is the correct thing to do.

[00:26:29] Yep. And I usually end these things with that's my story and I'm sticking to it, but I'm going to change it today. So that's our story and we're sticking to it.

[00:26:38] Exactly right.

[00:26:39] We'll catch you on the next episode. See you later.

Adblock test (Why?)



source http://www.expertclick.com/NewsRelease/1037-Be-careful-HOW-you-login-Tom-talks-Slick-Signups,2025312686.aspx

Comments

Post a Comment

Popular posts from this blog

Christian Writers? Conferences for 2025

Image
By Scott Lorenz WestWind Book Marketing If you’re a Christian writer and want to take your career to the next level, then writers’ conferences are certainly worth exploring. There are many Christian writers’ conferences that can give you the opportunity to meet and learn from other authors, pitch your book, and network with agents, editors, and book marketing experts . Here’s a good overview of some of the Christian writers’ conferences in 2025 that you should consider attending: February 21–23, 2025: Asheville Christian Writers Conference (Asheville, NC). The Asheville Christian Writers Conference is a small conference limited to 120 attendees. It will offer one-on-one mentoring and critiques with award-winning authors. https://ashevillechristianwritersconference.com/ March 7–8, 2025: Carolina Christian Writers Conference (Spartanburg, SC). The Carolina Christian Writers Conference will offer tips and tricks on topics like book proposals, social networking, and pitching to ed...
Read more

Andrew Chen ? Growth Secrets from Tinder, Uber, and Twitch; Exploring the Metaverse; the Future of Startup Investing; Games as the Next Social Networks; and How to Pick the Right Metrics (#550)

Image
For Immediate Release: Dateline: San Francisco , CA Illustration via 99designs “Between the early adopters and the early majority, you have this chasm where all the nerds will love you, but the mainstream market has no clue what it is that you do.” — Andrew Chen Andrew Chen ( @andrewchen ) is a general partner at Andreessen Horowitz , where he invests in consumer technology, including social, marketplace, entertainment, and gaming experiences. Today, Andrew serves on the boards of All Day Kitchens, Clubhouse, Envoy, Hipcamp, Maven, Reforge, SandboxVR, Singularity6, Sleeper, Snackpass, and Substack. Andrew is a prolific writer and leading voice on mobile, metrics, and user growth. For the past decade, he’s covered the topic on AndrewChen.com . He is the author of The Cold Start Problem , a book exploring how new start-ups are launched. He is also a board member and instructor at Reforge , which offers selective growth-focused programs for experienced professionals in marketi...
Read more

P. A. Farrell Delivers Gripping New Flash Fiction: A Good Thing

Image
Celebrated flash fiction writer P. A. Farrell, with over 20 published works to her name, is set to captivate readers again with her latest offering, "A Good Thing." This taut, suspenseful tale, which showcases Farrell's unique storytelling style, weaves together elements of crime, coincidence, and moral ambiguity in a masterful display of the flash fiction form. In "A Good Thing," Farrell plunges readers into a world where a simple car accident spirals into a web of unforeseen consequences. When a friend borrows a car belonging to a Mafia daughter, a minor collision sets off a chain of events that nobody could have predicted. As the threat of a lawsuit looms, fate intervenes in a shocking and deadly manner, leaving readers to grapple with the question: Can a tragedy ever be "a good thing"? With her signature economical prose and a keen eye for human nature, Farrell crafts a story that packs the punch of a full-length thriller into just a few hundred...
Read more