Chris has personally written over 2,000 articles that have been read more than one billion times-and that's just here at How-To Geek. ![]() if you see a password prompt after clicking a link like the ones above somewhere on the web, be sure to verify that you're actually on the real website and not a fake, imposter site.Ĭhris Hoffman is the former Editor-in-Chief of How-To Geek. Phishers impersonate sites in this way to steal your passwords. It's generally a bad idea to click links on websites that promise to access your Google, Microsoft, Facebook, or Twitter accounts and sign in with your password. If you use another website and you've given third-party applications access to it with a similar-looking OAuth prompt, you'll need to check its account settings page and look for a list of connected sites, services, or apps to manage. and revoke access to services you no longer use: If you use a service, click its link to check your list of connected services. To speed this up, we've collected a list of links to the appropriate pages on popular websites that use OAuth. If you see a service or app you no longer use, revoke its access to your account with a click or two. To secure your accounts, you'll need to visit a specific page on each website you use and check your list of connected services. If you don't use a service or application anymore, you should remove its access just to be safe. You should only give access to applications you trust and regularly use. Even if you change all your passwords and think you're starting over from scratch, services you've given access to your account will maintain that access. Or the web service itself could be compromised by attackers who use its access to accounts to do something bad.Ĭhanging your password won't automatically revoke access to connected apps, either. The app could be sold to new owners who want to use the app to make a quick buck - like how popular Chrome extensions are sold to advertisers who pack them full of adware. The app could use its access to gather data about your without your permission. If you don't check your list of authorized applications and remove it, that app still has access. ![]() ![]() You might try an app once and never use it again, or you might have stopped using an app years ago. But it's easy to forget which apps and services have access to your account. The account's website provides the service with a token it can use to access your account. If you agree to the prompt, that app gets access to your account. Instead, the application requests access using something called OAuth. When you use an application or web service that requires access to an account - for example, anything in your Google account, files in your Dropbox account, tweets on Twitter, and so on - that application generally doesn't ask for the service's password. Related: Why You Should Use a Password Manager, and How to Get Started Why Third Parties Probably Have Access to Your Accounts You should regularly check your lists of connected services on the websites you use and remove services you no longer use. In other words, there are probably quite a few other web services that have access to your personal data. Every application you've ever allowed keeps that access forever - or at least until you revoke it. ![]() You've probably given a few applications or websites access to your Google, Facebook, Twitter, Dropbox, or Microsoft account. Why Third Parties Probably Have Access to Your Accounts.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |