Should You Use Third Party Logins?

There are pushes to minimize the need for passwords, but after the Gawker leak fiasco who wants to have a common shared single point of failure for passwords? Sure managing passwords sucks. But friction is a tool that helps cleanse demand & make it more pure. It is why paid communities have a higher signal to noise ratio than free for all sites. Any barriers will annoy people, but those same barriers will also prevent some people from wasting your time. If they are not willing to jump through any hoops they were never going to pull out the credit card.

37 Signals recently announced they were retiring their support of Open ID. At the opposite end of the spectrum, eHow just announced they are requiring Facebook logins:

We have some exciting news to share about Beginning in February 2011, Facebook Login will be the exclusive means for login to the site. You’ll be able to use your new or existing Facebook username and password to connect with the eHow community. We’ll also be removing eHow member profiles to help you streamline friend lists and eliminate the work of managing multiple online accounts. Additionally, we’ll be closing forums on the site. We want to hear from you directly, so moving forward, we encourage you to communicate us through the “Contact Us” section of

We’re excited to introduce these updates! Get started and click on the Facebook Connect button in the upper right corner of the home page to login. We want to keep in touch, so also remember to Fan Us.

My guess is they might be trying to diversify their traffic stream away from search & gain broader general awareness to further legitimize their site. But the big risk to them is that Facebook is an ad network. So now competing sites will be able to market at their base of freelance employees. What's worse, is that there was a rumor that Facebook might plan to launch a content mill strategy. There are plenty of ways for that third party login to backfire.

My believe is that you shouldn't force logins until you have something to offer, but that when you do you should manage the relationship directly. Does that mean you have to reply to every message? No. But it does mean that if there are ways to enhance value through how you interact with your established relationships you are not stuck under the TOS of a 3rd party website which may compete against you at some point. Sure that means some upgrades will be painful, but it means that you get to chose when you do upgrades rather than letting someone else chose when your website breaks for you.

I view third party comment systems the same way. If the person providing the service changes business model it does not mean you are stuck paying whatever rate they want or starting over. This is one of the big advantages of owning your own domain name and using open source content management systems. You don't have to worry about a Ning pivot or a Geocities shut down. Sure this approach means you have to deal with security, but then leaving that sort of stuff to Facebook might not be great anyhow.

Published: January 31, 2011 by Aaron Wall in internet marketing


February 1, 2011 - 5:26am

I haven't dug too deeply into this, but what happens to the comments content if you decide to change or leave a 3rd party commenting system? Does it stay on your site or get removed when the service is removed?

And Facebook better make damn sure their users don't cut & paste info from other sites to build up their own "farm"...a la Yahoo! Answers and the rest. I have no problem sending out C&D notices and lotsa people are itching to start nailing these big guys financially. Many of us are tired of being ripped off by the "giants" and gloves are now off.

February 1, 2011 - 6:03am

There are ways to integrate it which are more parasitic than others & ways that are fairly fail-safe (outside of losing contact information of people commenting on your site to the Facebook borg). Ultimately it comes down to what platform you are using and how your developers program it.

February 1, 2011 - 1:20pm

This is a great topic that will be discussed in the forums soon ;). I'm making some tests with the new FB Registration Plugin, and it makes perfect sense for particular situations (ex. you are using some FB ads to promote your business). In that case, the user is logedd in to FB, and when they arrive to your site, all the infomation that you want to ask for is pre-filled by FB Registration Plugin, reducing the friction of enterin any data. The user only has to click on the register button.

February 1, 2011 - 5:02pm

Yeah, I never understood third party login's, especially when you are used to doing Drupal sites that generally have good security features available. Let me control the information...and market to my own users if and when I want to.

February 1, 2011 - 9:46pm

Aaron, I agree that sites should have something valuable to offer before asking for login.

As someone who works in the third-party login world, I feel like I should mention that it's entirely possible to implement third party login and keep all of your user's data. It just depends on which product you pick and whether you store the data that the social networks pass through (emails, names, age, gender, etc).

Larry Drebes, the founder of Janrain, wrote a blog post in response to 37 Signals' decision saying, "Very simply, use of social login (when done right) creates higher conversion rates for new users, and increases likelihood of return user login."

I'd love to talk to you about it some time Aaron.

Full Disclosure: I work for Janrain, but this is in no way an official Janrain statement.

February 2, 2011 - 3:55am that a lot of the big social networks don't do that. they get big because they hoard ;)

I guess your company would be one of the few exceptions to the general rule. It seems like you guys are trying to build something that is maximally useful for publishers rather than perhaps something which is at first free and easy, but locks in customers so they can be screwed down the road.

Jim Spencer
February 3, 2011 - 12:01am

I generally agree with the idea of not using third party log ins. I especially avoid logging in with Facebook because of the amount of information that becomes available. I figure Twitter reveals a lot less information. I can certainly appreciate the convenience of clicking "log in with Twitter or Facebook", but I don't think most realize the big picture.

As far as comment systems, we run into this more when we do blog migrations at Disqus allows the export of your comments. Say if you are moving from Tumblr to WordPress and want to switch to WP comments, that can be done. You can also use a Disqus WP plugin and get your visitor comments in place.

There are however, small business focused systems that make moving out really hard. We are familiar with an inbound marketing platform (HS) that has no FTP access, no database access and if you want to move commenter email addresses you have to copy them manually when moving from the system to say WordPress. So, this problem is not limited to 3rd parties. Buyer beware.

Configuring and styling your own comment system is the way to go, but there is certainly more friction for the site owner. Let's hope site owners are making wise choices and don't get surprised later. As you pointed out, it is very possible.

February 3, 2011 - 9:03am

There are tons of different ways businesses try to lock in others...fully-hosted CMS is probably the biggest. And it is often headaches with such CMS systems that cause people to do hack jobs with integration that make a lot of the 3rd party comment plugins seem a great deal off the start.

Add new comment

(If you're a human, don't change the following field)
Your first name.
(If you're a human, don't change the following field)
Your first name.
(If you're a human, don't change the following field)
Your first name.