Skip to Main Content
Lifehacker Logo

Is There Any Reason Not to Use My Social Network Account to Sign Into Apps?

Dear Lifehacker,
Why do all these apps on my phone and on the web want my Facebook (or Twitter and Google) information to sign up for an account? Is it safe to use these?

Sincerely,
Signing Off?

Dear SO,
Social logins are pretty common these days. You need a Twitter, Facebook, or Google account for a lot of services. Sites and apps want to link to your social network account for two main reasons: authentication (it saves them from storing your password and info), and to collect your data from you social network. Here's what each of them do, and why you might not want to use them.

Why Services Require You to Sign In with a Social Network Account

The main reason services require you to sign in with a social network account is a security measure called OAuth. We've talked about OAuth before, and it's pretty simple: it's a means to log in to a third-party site (like the Gawker discussion system) using your Facebook, Google, or Twitter information. This makes it so web sites don't have to worry about keeping your password and username secure.

Understanding OAuth: What Happens When You Log Into a Site with Google, Twitter, or Facebook Read More

Basically, when you log in to a site with OAuth, you're granting them access to your account—like you're showing them the secret back gate to get in—but you can close that gate at any time. They don't get the keys to the house, they just know where the door is. This means if the third-party site is compromised, your Facebook, Twitter, or Google account aren't (although the services you grant access to can continue to post, read, or whatever else on your behalf if you don't cut that off).

In a lot of cases, the OAuth authentication is all an app wants or needs. However, in other cases, you're also granting apps and webapps access to your data. Calendar apps, address books, music services, and anything that uses your social network to provide news commonly do this. When you sign up for a service, you're taken to your Facebook, Google, or Twitter page and shown what that service has access to, if it can post to your account, and who can see those posts. On their own, these aren't dangerous (unless you're worried about services collecting your data), but they do have the potential to get annoying.

Thankfully, it's incredibly easy to see what those apps have access to, and revoke their privileges.

Why You Might Not Want to Use Your Social Networks with Apps

In a lot of cases, social integration—whether it's in the form of accessing data or as a security measure—is a good thing, but that doesn't mean apps don't end up doing annoying things on your social network accounts. As a good rule of thumb, if you don't want anything automatically showing up on Facebook or Twitter, don't let apps post for you. In the case of Facebook, you can at least change the "Posts on your behalf" setting to Only Me" so if the app does post something, nobody will actually see it. If you want to revoke those permissions completely, it's pretty easy to do manually, or with a service like the previously mentioned MyPermissions.

MyPermissions Is One Convenient Place to Start Cleaning Up Your Apps Permissions Read More

Review Your Facebook App Permissions

A lot of apps want access to your Facebook account so they can integrate social features. For example, a number of calendars want access so they can add in birthdays and events. In most cases, these apps only have access to your events, but not every service out there plays nice with your account. Reviewing your permissions is very easy:

  1. Visit Facebook, click the gear icon in the top right, and select "Account Settings."

  2. Click the "Apps" tab on the left side (or just head straight to it if you're already signed in).

  3. Select "Edit" to change the permissions of any app, or click the "X" to revoke access to your Facebook account.

It's a good idea to clean up your Facebook permissions regularly, so make a habit of checking out this tab every once and a while.

Clean Out Your Facebook App Permissions as Part of Your Spring Cleaning Regimen Read More

Review Your Google App Permissions

Google also has its own set of app permissions, although it's likely not as cluttered as your Facebook account:

  1. Head to the Authorized Access to your Google Account page

  2. Click "Revoke Access" to any apps, sites, and services you no longer use.

That's it. Unfortunately Google doesn't let you fine tune control over what data apps have access to, so it's an all or nothing approach.

Review Your Twitter App Permissions

Twitter is much like Google in that you don't get to fine tune the access that apps have, but it is incredibly easy to revoke their permissions:

  1. Visit Twitter, click the profile menu in the upper-right corner of the screen, and select "Settings."

  2. Click "Apps" on the sidebar on the left (or head straight there if you're logged in).

  3. Review the list, what type of access they have, and click "Revoke Access" if you no longer want them.

The main cause of concern you should have with any app that has access to your social network account is that they can access your personal data, or post something without you realizing it. If you don't like giving that data away freely, you're best off searching for services that allow an email login instead of linking to your social network account. Reviewing the privacy policy of any app you link is also important, and if nothing else, check the permissions to make sure it can't post something without you knowing it.

Good luck,
Lifehacker

Have a question or suggestion for Ask Lifehacker? Send it to [email protected].