One thing not mentioned is that if you ever want to “de-Google”, you will have to go to all websites and services where you logged in using your Google account, and (try and) change the authentication method. Avoid it if possible.

In addition to the downsides mentioned here about privacy regarding Google, there is a major upside to using this service: it offloads all of the authentication logic to google, so in theory it reduces your risk surface area, or it may be more accurate to say it concentrates your risk to your Google account.

You’d like to hope most websites use using common security best practices and keep on top of things but the amount of websites I had accounts on (on websites I had long forgotten) which have been pwned over the years tells me otherwise. Using google auth sets your account security to be exactly as secure as your Google account.

A couple of things come into my mind. Note that this isn’t exhaustive.

• Google will obviously know you signed up for that service. Additionally, they will know when you log into your account.
• Google may provide personal information that are listed in the signup screen, such as your name, birthday, etc. You will be notified of what will be provided (highly doubt Google would blantly lie about this part), and it’s up to you to decide whether you want to provide them or not. The site itself may ask for more than necessary.

It’s a protocol called OAuth that pretty much lets google or whatever “sign in with XYZ” company take over the login process then share a unique identifier+ all information requested by the app on that “allow 3rd party to access the following” page. It’s essentially letting Google manage the user/password authentication instead of udemy.

I signed up for a bunch of things with my Facebook account, then I lost my Facebook account. I also lost most of those accounts.

Telling Google where you are.

Companies like google, facebook, and apple typically have better security. Other companies know that so rather than contracting with another third party or implementing themselves, they use oauth.

With oauth, apple, google, microsoft etc. will vouch for you. There are advantages and drawbacks, with, imo, the drawbacks outweighing the benefits. Key benefit being better security over poor practices and convenience. Drawbacks being less control of your accounts, consolidating your credentials into one basket, (especially if you use weak authorization), and the potential (likely) situation those accounts are monitored

If you get your YT account banned, and that happens all the time becasue the bots are going nuts, you will lose gmail as well.