Time To Review Who You've Granted Access To

toggle-button

You may have seen the recent news story that 7 million Dropbox accounts have allegedly been hacked, and their passwords posted online.  Dropbox claims that most of the posted accounts were old and their passwords had already expired.  Dropbox also reminded us that their own systems had not been hacked.  The problem, we are led to believe, lies in the servers of those third-party programs to whom we all-too-easily grant access to our information.

It's all too easy, when you sign up for a new online service or you download an app to your tablet, to click the button which links the new item to your account on Dropbox, Facebook, Google, or whatever.  It's useful, and means that you can for example save information directly from your new app into Dropbox, Google Drive, or whatever else you choose.  But as time progresses, and you stop using certain services and apps, their servers still theoretically have access to your information.

Which is why it makes sense to periodically review the permissions you've granted, and revoke any that are no longer necessary.

If you log into your Dropbox account via their web site, for example, and click on your account settings, you'll see the list of accesses you've granted.  Which, as you can see from the screen shot below, was actally quite extensive in my own case.  Needless to say, I no longer use any of those apps so I've revoked all of their access to my Dropbox.  You should be able to review your own Dropbox linked apps at https://www.dropbox.com/account#security once you've logged in.

Google offers a similar feature.  If you have a Google account, or you use Gmail, head to https://security.google.com/settings/security/permissions and revoke the permissions of anything that doesn't need access to your data.

 

 

Please rate this article: 

Your rating: None
4.466665
Average: 4.5 (15 votes)
toggle-button

Comments

WordPress either free or hosted is pretty good at showing you what has permission from elsewhere.

LinkedIn app is one of the worst. It doesn't need permission once installed on your phone or tablet to start telling you to connect to your long-dead grandmother.

http://community.linkedin.com/questions/15556/how-did-linkedin-get-my-ad...

Any suggestions for sneaky connections?

Here's the web site I use that pulls a lot of them together:

http://mypermissions.org/

Great article. I checked mine and found I had a whole lot of things I had completely forgotten about. Deleted a bunch. Thanks!

Hi,
Great idea to publish this article. I'm sure that many folks like myself forgot all these permissions. Now we realize what's going.
Thanks, DM

Awesome article. I needed that.