LOGO

Remove Third-Party App Access: Secure Your Online Accounts

October 19, 2014
Topics:FeaturesCloud & Internet
Remove Third-Party App Access: Secure Your Online Accounts

Managing Third-Party Access to Your Online Accounts

It’s common practice to grant applications and websites permission to access accounts like your Google, Facebook, Twitter, Dropbox, or Microsoft credentials. However, these permissions often remain active indefinitely.

Essentially, any application you’ve previously authorized retains that access until you specifically revoke it. This can lead to a surprising number of services holding access to your personal information.

The Importance of Regular Access Reviews

Consequently, a significant number of web services may currently have access to your data. It is crucial to periodically review the lists of connected services associated with your online accounts.

Removing access for services you no longer utilize is a vital step in protecting your privacy and enhancing your online security.

How to Revoke Access

  • Google: Check your Google Account settings under "Security" and then "Third-party apps with account access."
  • Facebook: Navigate to "Settings & Privacy" then "Apps and Websites."
  • Twitter: Access "Settings and privacy" then "Apps and sessions."
  • Dropbox: Go to "Account" then "Security" and review "Apps linked to Dropbox."
  • Microsoft: Visit your Microsoft account privacy dashboard under "Permissions."

Regularly auditing these connections allows you to maintain control over your personal data and minimize potential security risks. Proactive management of these permissions is a best practice for responsible online behavior.

The Potential for Third-Party Access to Your Online Accounts

Related: The Benefits of Utilizing a Password Manager, and a Guide to Implementation

When utilizing an application or online service requiring account access – encompassing platforms like Google, Dropbox, or Twitter – these applications typically bypass the need for your direct password. Instead, they employ a system known as OAuth to request access. Upon your approval, the application gains access to your account.

The service then furnishes the application with a token, enabling access without revealing your actual password. This method enhances security by safeguarding your credentials. Furthermore, it allows for granular control, permitting you to restrict access to specific data subsets – for instance, granting access to Gmail while excluding Google Drive files.

Access permissions are confirmed through a prompt displayed on the respective website. Consequently, granting an application access to your Google account will trigger a permission request on Google’s platform.

secure-your-online-accounts-by-removing-third-party-app-access-1.jpg

While this system appears secure, it’s remarkably easy to lose track of which applications and services possess access to your accounts. An app might be tested briefly and then abandoned, or its use discontinued after a prolonged period. Failing to periodically review and revoke access for unused applications leaves a potential security vulnerability.

An application retaining access could potentially collect your data without your knowledge. Alternatively, the application itself could be acquired by new owners seeking to monetize it through aggressive advertising, a common practice observed with browser extensions. Moreover, the service itself could experience a security breach, allowing attackers to exploit existing access for malicious purposes.

Simply changing your password does not automatically terminate access granted to connected applications. Even a complete password reset won't revoke permissions previously given to third-party services.

It is prudent to only authorize applications you trust and actively utilize. Should you cease using a service, promptly revoke its access as a precautionary measure.

secure-your-online-accounts-by-removing-third-party-app-access-2.jpg

Regularly auditing and managing third-party access is a crucial step in maintaining your online security. Protecting your online accounts requires vigilance and proactive management of permissions.

Securing Your Online Accounts

Protecting your online accounts requires a review of connected services. You must navigate to a dedicated settings page on each platform you utilize and examine the applications with granted access.

Should you identify any service or app that is no longer in use, its access to your account can be swiftly revoked with minimal effort.

Direct Links for Account Management

To facilitate this process, a compilation of links directing you to the relevant pages on widely-used websites employing OAuth has been assembled. Simply click the link corresponding to the service you use to review and manage your connected applications.

  • Google
  • Microsoft
  • Yahoo!
  • Dropbox
  • Flickr
  • AOL
  • Facebook
  • Twitter
  • LinkedIn
  • Instagram
  • Foursquare

For websites not listed, locate the account settings section and search for a directory of connected sites, services, or applications to control access permissions.

Exercise caution when encountering websites offering direct access to your accounts – such as Google, Microsoft, Facebook, or Twitter – via password prompts. These are often phishing attempts designed to steal your credentials.

Always verify the authenticity of a website before entering your password, especially after clicking a link.

Determining which applications to remove is straightforward: if an application is unused, revoke its access. Regularly auditing your connected applications across all platforms is a proactive security measure.

When granting access to sensitive data, remember to revoke permissions upon ceasing use of the application or service.

#third-party apps#app access#online security#account security#privacy#data protection