Frequently Asked Questions (FAQs)

Common Reasons for Login Failure

If you are unable to log in, check the following items to resolve the login issue:

  • Keyboard CAPS lock: Make sure CAPS lock is OFF.
  • Password: Ensure you are not using an old password.
  • Email/login-name: Verify that the email address or login name is valid.
  • Website: Check that you are accessing the correct website and not a phishing website.
  • VPN: Avoid using a VPN, as some websites do not allow VPN connections.
  • Internet connection: Ensure you have an active internet connection.
  • Captcha: If the site requires captcha, enter it correctly. Regenerate the captcha if it is not readable.

Security of OAuth Logins

Q: Is using OAuth to log in to a website secure?

A: Yes, OAuth is a secure and widely used protocol that allows you to log in to a website without creating a new account. It saves time and eliminates the need to remember additional account credentials. Common OAuth providers include Google and Facebook. If you have an account with one of these providers, you can use it to log in to many third-party websites.

Q: Can a website where I log in using OAuth access my account password?

A: No. For example, if you use Google OAuth to log in to example.com, Google does not share your password with example.com. Instead, it sends a token to example.com upon successful authentication. This token allows example.com to access authorized information without knowing your password.

Q: Can a website where I log in using OAuth access all my data?

A: No, it depends. When you log in using OAuth, the provider displays a list of permissions that the application requests. For instance, if you use Google and the application you are trying to log in to requests permission to access your contacts, you can grant or deny this permission. Similarly, if you use Facebook and the application requests permission to post on your behalf or manage pages you have created, you can decide whether or not to grant this permission. Carefully review the permissions requested by the application before granting them. Granting unnecessary permissions can lead to potential data privacy or security issues.

Q: How can I revoke granted permissions from a third-party app?

A: Each OAuth provider maintains a list of applications along with the permissions you have granted to each application. To revoke these permissions, you can remove the app from the list of apps using the provider dashboard or explicitly remove a specific permission shown under that app. For example, on Facebook, you can find this information under Settings > Apps and Websites. Often, these granted permissions expire automatically after a certain period. The provider’s dashboard shows which apps are expired, indicating that the token issued to the app has expired and the app can no longer access your data on your behalf until you authenticate and grant the permission again.

If you have any questions? Please contact us at this email [[email protected]]