Social networks like Facebook, Twitter, LinkedIn and Google+ make it easy to share information with people from different personal and professional circles. Users can access these networks from standard PCs or specific applications on their smartphones or tablets.
So how can you find out – and control -- which applications are able to access your Facebook, LinkedIn, Twitter and Google accounts?
keyword: transparency
To make sharing on the Web as simple and seamless as possible, these social networks provide “widgets” (mini applications) that can be integrated into other websites. These widgets enable users to tweet a page or “like” it on Facebook in a single click. Some specialized websites even let you consolidate all your social networks, so you can post a message to several accounts at once.
one-time authorization and you’re done
When you open or launch an application for the first time, you are asked to grant it certain rights to access your Facebook, Twitter, LinkedIn and/or Google+ accounts. Once you’ve done so, the application automatically connects to your account and uses it in your name.
the dangers of unmonitored use
The catch is that over time these applications tend to add up. That’s why it’s important to periodically check your application authorizations and clean house if necessary.
Another risk is that an intruder could add itself to your list of authorized applications without you noticing. This is especially dangerous because an application’s ability to access your accounts doesn’t change, even if you change your main password. Actually, third-party applications and websites (fortunately) never have your main password. The secret to this trick is software called OAuth.
checking your list of authorized applications, websites and services
Each service provides a specific page to check the list of authorized applications and access rights:
- Facebook: Account Settings > Apps
- Twitter: Settings > Applications
- LinkedIn: Settings > Groups, Companies & Applications > View your applications
- Google: My account - Sites, applications, and connected services
no-risk housecleaning
Don’t hesitate to delete access for applications you don’t know or no longer use. And don’t worry: if you accidentally delete an application that you want to keep, you can always authorize it again the next time you use it!
tracing access rights: Facebook stands apart
Thumbs up to Facebook for being the only service that gives you an application access history. This makes it possible to identify any possible issues or misuse.
So, what do you think?
Jean-François
photo credit: Gautheron
source: Lenny Zeltser, “Which Apps Are Authorized to Access Your Social Networking Accounts?”
Au sein de la direction sécurité du Groupe Orange, je suis en charge de la veille sécurité et de la sensibilisation à la sécurité. Franchise, optimisme et bonne-humeur sont mes moteurs quotidiens