You are asking a huge question here. Construct does come with objects that can connect to Facebook. However connecting to Facebook incorporates not only settings within Construct, but also on Facebook itself. I know very little to nothing on the Google login. If your game is hosted on your server. Bascially you AJAX save information through a .php file to save data onto a MYSQL database. The passwords would have to be encrypted. Through the .PHP or even better maybe within Construct? I'm guessing it's better to encrypt on the .PHP side. This is why now a days if a website has good security, they can never retrieve your password only reset it. Decent servers don't store user data without encryption. So a company never actually knows your password. I would suggest narrowing down your question. Provide a .capx.