Il is a long way from the time when you checked your e-mails exclusively on your computer. His email account is now registered on his iPhone, iPad and even his watch. It is also used in a multitude of applications, from its usual web browser to specialized third party clients.
This applies to other services as well. Your Facebook and Twitter accounts are most likely being used on multiple devices and in multiple applications at the same time. Especially as these social networks are increasingly serving as the primary authentication means for other services.
For the security of your data, it is important to control which devices and applications have access to your Apple, Google, Facebook accounts… The risks are multiple: a third party device may have been hacked or be malicious and thus misuse your data; a session that remains open on a device lent to a joking friend and it is your Facebook page that fills up with (bad) jokes; etc…
For these reasons, it is best to only allow devices and applications that you still use and trust. Here’s where you can manage permissions for key online services.
- My Account > Connected Sites and Applications > Manage Applications
- My Account > Device Activity and Notifications > Review Devices
Google’s security settings are complete. You can see for each application and connected site the rights that are granted (management of mail, contacts, Google Drive, display of the email address …) and the date of authorization. For the connected devices, we have the product model, the last synchronization date and the last place of use.
Google’s Help file advises that you should immediately remove full access to any application “that you don’t trust or recognize. »
- My Apple ID > Devices
Authorization management is easy to find at Apple since it is on the main page of the Apple ID space (which has recently been redesigned). Clicking on a device name displays additional information: model, system version, serial number, as well as IMEI and phone number for iPhone and iPad Cellular. “If you don’t recognize [a] device, we recommend deleting it from your account”, recommends Apple.
If you have enabled two-step validation, you can also check application-specific passwords by clicking the “Edit” button in section Security. These one-time passwords are used to log in to applications that do not support two-step verification without revealing your master password.
- Settings > Security > Where you are logged in
- Settings > Applications
On Facebook, you have to look in two places. In the security settings you can see on which devices and applications you are logged in. The approximate location, last access date and device type are indicated.
In application settings, you can control which third-party apps have access to your Facebook account. Note that there is an option to restrict access to your account globally if you wish: in the Applications, Websites and Modulesbox, click on “Edit”, then “Deactivate Platform” and again on this button to confirm.
- Settings > Your Twitter Data
- Settings > Applications
Twitter provides a device history and connection history, but does not allow you to revoke access to a particular device.
Management is only done by application. They are all listed with the requested permissions (read-write, read-only, access to the email address…) and you can disable access with one click. There is one special case: authorizations granted several years ago to certain iOS apps cannot be revoked individually. You must delete your Twitter account from iOS (General > Twitter > @pseudoTwitter) to remove access to these apps.
- Settings > Security
At Dropbox, the sessions, devices and associated applications are listed in the Security tab with some details for each one. A click on the small cross on the right allows you to close a session or remove access if necessary.
Have you cleaned up the devices and applications associated with your major online accounts? Perfect! While you’re at it, also make sure that you use different passwords for each service and that these are not easy to guess.
If you have many accounts, it is highly recommended that you use a password manager. The editor’s favorite is 1Password [5.4 / Demo – English – €31.99 – OS X 10.10 – AgileBits Inc]. In the free ones otherwise, there are LastPass and Dashlane (some functions are paid for, but the Mac client is free).
Finally, activating the two-step validation (entering a second code, received for example on one’s mobile phone, after one’s usual password) now offered by most services is a good way to reinforce the security of your accounts.