When signing into Kalix you have the choice to either use an email/password or use a single sign on approach with Google or Facebook. A single sign in effectively sends you to your selected site to get you to sign in, and those sites then tell us who you are (Assuming you give them permission to):
Single Sign In
We recommend you use single sign in over email and password:
Security in websites (and indeed in any organisation in general) is a sliding scale. The costs becomes exponentially greater for a small amount of extra security. These companies deal with millions of users and as such generally have a much more robust security system around them (for example you have to put in your phone details so you can recover your account).
The mere act of not having to remember another password is itself an excellent security measure. Very often users use the same password over many sites because it is difficult to remember so many passwords at the same time, or users start using simpler passwords. This single sign on method allows you to use a single very strong password on the site of your choice
Not only is are you more secure but the single sign on is more convenient. If you are currently logged into your specific service you will not have to re-enter another password.
If you decide that single sign on is not appropriate for you or your organisation using an email/password combination is still highly secure. Any password that you create should be minimum 8 characters long and have a good mixture of uppercase, lowercase, and special characters. Behind the scenes your passwords are 'salted and hashed' which is a one-way process that makes a virtual 'lock' that can only be opened by your password. This way even administrators of the site cannot read or recover your original password. If you forget your password you can easily use the forgotten password mechanism in Kalix to set a new password (it sends a link to your email address).
To read more about selecting a secure password, click here.