You're an idiot if you implement this. On iOS, use the device token and implement truly anonymous login without having to deal with anyone else brokering your users' data; I'm not sure what the Android equivalent is, but it can't be much more difficult.<p>Remember, Facebook is the same company that cuts deals with shady data brokers like the Datalogix (the company that buys your grocery store discount card data and re-sells it, among other things) to build a comprehensive profile of everything you do. Using them for this pseudo-anonymous "anonymous login" helps them a lot more than it will ever help you, as a standalone developer.<p>I can't wait for Facebook to trademark the term "Anonymous Login," just to complete the irony. Remember, if it was actually anonymous, you wouldn't need Facebook's help to implement it.
Over the years, Facebook has dabbled with a bunch of different ways of apps requesting/handling user permissions and data.<p>This is not, actually, the first time Facebook has enabled this level of granularity, as far as users being able to grant permissions piecemeal.<p>It used to be (not sure if it still is) that an app could request one permission here, one permission there, at various points in its application flow. But with each request (in which you could bundle a bunch of different permissions) it was either an "all or none" decision for the user.<p>This new approach just makes things a little easier, because you can present all of the permissions and data request up front and let the user pick and choose what should be granted.<p>I think this Facebook thing is really going to take off one day.
I never use Facebook Login for sites/apps, not because I don't trust the sites/apps with my FB data but because I don't trust FB with my app usage data.<p>Now, if I could log into Facebook without giving them access to my data, that would be a killer feature.
As a developer and user, I love this. For many small apps, it just doesn't make sense to ask people to create a username/password, but I still want a way of authenticating them. This move gives me a way to leverage Facebook for that without users giving up any privacy. A total win/win.
The most important thing FB can do is win universal login. And the #1 thing it can do to promote that is restore some faith in its privacy commitment. This is a very smart move.<p>Of course let's see how they implement it. If the process is too complex, it won't work for users. Given their reputation on privacy - it will be hard to recover. But (almost) no other company has as good a shot at this opportunity.
I'm bouncing between thinking this is great and this is awful. Ultimately I'm very curious how developers will use it.<p>The main risk seems to be what happens if Facebook decides to remove Anonymous login. You may have many accounts on your site that had logged in anonymously and participated, but now no longer have a way back in. This seems like an awful scenario, and yet a very possible one -- Facebook is quick to change and remove features on Platform.
A win for new sites that are starting up and can leverage the FB sign-in framework.<p>An example: I've wanted to try out <a href="https://giveit100.com/" rel="nofollow">https://giveit100.com/</a> since launch, but have been waiting for an alternative sign-in.<p>Thanks FB!
This is likely to get traction because generally:<p>- people have already signed up with Facebook<p>- people don't trust app developers with their FB data, and don't trust app devs not to post crap to their timelines<p>- people hate signing up for another service again with email and password (you have to give out your email, you have to create/reuse and remember a password)<p>The more open question is if it will cannibalize FB logins or get incremental people to sign up with FB (people want to do this anonymously but didn't have the option and gave up).
This is the exact opposite of the product I want. The group I least want in control of my data is Facebook and their ever changing security/privacy policies.
This is what happens when users are screaming "I want my privacy back" and you are stuck between corporate goals of monetizing users and user experience.
Facebook keeps framing thier role in providing OAUTH as one where they are protecting their users from all the bad guys on the outside. I thought it was clever marketing when I first saw them take this position but it seemed obvious to me that anybody who implemented Facebook login was giving Facebook the upper hand. One party gets free advertising and the other gets a scary looking permissions page that makes them look like an identity thief. In the process, the first party transmutes their bad press into the appreance of good will in countering the second party's apparent bad intentions.<p>Everybody must have caught on to Facebook's bad will psych game by now so why would anyone keep using Facebook Login?This latest change just moves the bad will to your login page. Every time someone moves to log in they will be reminded who Facebook thinks should be trusted and it's never going to be you.
Wow, it seems like they finally got rid of the minimum e-mail, profile, friends and all that jazz. Just finished reading the dev docs and it seems we can finally limit the minimum scope. Facebook can now just be used as a standard login.<p>Though they now need to educate users so that they don't still feel that their privacy is being violated.
The only benefit of anonymous facebook login over a native session is the supposed "cost" of creating too many accounts, and enabling things like a <a href="http://en.wikipedia.org/wiki/Sybil_attack" rel="nofollow">http://en.wikipedia.org/wiki/Sybil_attack</a><p>Actually I would like to ask if anyone here knows of more good solutions for making creating accounts expensive. Captchas ain't it anymore.<p>The best one I know is Phone Verification. <a href="http://www.blackhatworld.com/blackhat-seo/making-money/596992-way-bypass-craigslist-phone-verification.html" rel="nofollow">http://www.blackhatworld.com/blackhat-seo/making-money/59699...</a><p>Buying a cellphone in order to get an account is expensive enough. But is there something better?
Nice one. I've been using a Chrome extension called fPrivacy to do this presently on the web, since very few websites actually check to see if they've got all the extraneous information they requested. But it sometimes breaks the login process, so it'll be nice to get rid of it.<p>Next top feature Facebook should introduce: Automatically generate a new anonymous email address for each app. I can then go into Facebook settings later and prevent any of those addresses from forwarding to my personal address if that app starts spamming or gets hacked. They did have an anonymous email feature at some point, but it wasn't fully ready yet.
This is a horrible idea for app developers. If someone wants to sign up for my app, but doesn't want to create a real user account with an email address and personally identifiable information, then I don't have a real customer relationship or anything of value. So, why even make them log in?<p>I guess I just don't see the point of requiring a user account if it isn't adding value to either the user or the app creator.<p>One more reason not to use Facebook as a login mechanism I guess.
If anybody else is wondering what the hell "f8" is:<p><a href="http://en.wikipedia.org/wiki/Facebook_f8" rel="nofollow">http://en.wikipedia.org/wiki/Facebook_f8</a>
another idea, but thinking the following:<p>1. anyone who wants to use a site has to create an account with a fb "anonymous" login. there would be no more "free" access" because then you can start to tie free user behavior to actual conversion.<p>2. Once the user wants to pay, this is tied to giving more information--at least name and email address.<p>Will be interesting to see the details, because tying free behavior to conversion is a holy grail for marketers.
This seems like a fairly natural step for Facebook, as increasing app dependency on Facebook for account authorization is a step towards building a platform.
So basically fb gives each app a unique uid for that user so they can't be tracked across apps right? And returns no info for them?<p>Has anyone actually tried using this?
It's a great idea in theory, but a pile of shit in reality. What's the point in using third-party authentication if you get zero data from it? Unlike Facebook, my goal is not to sell user data to the highest bidder, it's to have the user skip the steps where they enter their real name and confirm their email address.
This is one case where Facebook is really showing Google how it's done. I mean, Google is failing to get Google Plus accepted as a social layer for Google's <i>own</i> pages, while Facebook is working on getting Facebook accepted as a social layer for <i>every other site on the Internet</i>.
We seem to start to really fail making distinction between anonymity and pseudonymity.<p>"Anonymous login" means you provide no identity information whatsoever. If you're "person #123456789" or "f93f9211-9f49-4bad-ad34-e00f8c536b0f" or whatever - you're not anonymous.
What is the point of this? I don't want to have to login with facebook at all. If some site has facebook login requirements I simply don't use that site anymore.<p>If you use facebook login for your site then you are shooting yourself in the foot if you care about users.
If you want truly anonymous login, might I recommend <a href="https://launchkey.com" rel="nofollow">https://launchkey.com</a><p>Obviously there's nothing truly anonymous about this service if Facebook knows everything about you...
I don't know if this is silly, but...<p>what happens when people blindly trust a button and someone decides to exploit that by making a fake one open a phishing pop up requesting your Facebook credentials? Has this been done?
By the way, Facebook already knows you're using an app <i>before</i> you log in, when the app pings Facebook to check the login status. This only prevents usage information leaking back to the app itself.
I've used a sudonym for years. FB depresses me? I guess
because I see my friends ageing. I did reserve my real
name; in case I ever really liked FB, but I am still using
a civil war veterans name.
Seems like an interesting choice for a demo video to showcase Flipboard (i.e. regarding their own stake in this realm of products, Paper). Granted this isn't about that, but that was fun to think about.
"People tell us"<p>People don't tell you anything, they don't have a way to do it. Facebook just does whatever it wants without caring about the users, lets cut the BS.