Santa Clara University

Information Security Office

News and Events


Information Security News and Events

News, events, views, tips, and hints for keeping your personal information private.

  •  What Apps Have Access to Your Facebook and Twitter?

    Monday, Jun. 30, 2014

    While social media sites such as Facebook and Twitter make it easy to share things with your friends, they also make it easy to log in to various services and applications, too. As authentication brokers, these sites allows for their users to use their account credentials to sign into third-party sites. All the user has to do is to give permission for those sites to access their profile data.

    Facebook is a full-blown apps ecosystem. You may have added an app for a promotion or contest, played a game, or added new functionality such as music streaming. In most cases, it just means the app developer has access to some of your profile data. In the worst-case scenario, a malicious developer behind the service can use your account to send out spam.

    When was the last time you’ve checked to see what apps have access to your Facebook and Twitter accounts? If you are like most Internet users, you are probably long overdue for a cleanup.

    Below, are steps on how to perform an audit. An audit will let you review all the apps on your account and determine if they should still have access.

    Auditing Facebook
    To see a similar list on Facebook, you need to click on the gear icon on the top right corner of the screen, and then Privacy Settings. Clicking on Apps in the left-column brings up the App Settings page.

    Facebook gear icon

    Facebook App Settings

    The Apps you use section displays all the applications that have access to the account. You can remove applications you are no longer using by clicking on the “x” for each row. If you are still using the app, click on Edit to make sure you are okay with the information the app is collecting and has access to.

    Next, check the Apps others use (underneath Apps you use) setting as well, since apps, games, and websites your friends are using can also access your personal details, photos and updates. In this section, you can select which pieces of information your friends’ apps can access. You may not be comfortable with an app you are not using having access to your data. This is your chance to do something about it.

    Facebook Apps others use

    If you are adament about not using Facebook apps, there is another option. After removing every app, if you click on Edit, you can turn the platform off. If you do so, you won’t be able to log in to sites using Facebook or add any apps until you turn it back on. 

    Auditing Twitter
    You can view all the apps that have access to your Twitter account by clicking on the gear icon on the top right hand corner of the Twitter home page. Click on Edit Profile in the drop down menu that appears, and then on Apps in the Profile page’s left column.

    Twitter apps Gear icon

    Twitter apps

    This displays a list of applications you’ve granted access to your Twitter account. Are you surprised by the number of apps here? Revoke access to apps that you don’t recognize, or know that you no longer use. If you aren’t sure, remove them anyway. The worst thing that can happen is that the app will prompt you to re-authorize it the next time you need it. And if you never get prompted, then you clearly weren’t using it.

    You can revoke an app simply by clicking on the Revoke access button next to each app name. If you make a mistake, you can always re-enable access by clicking on the Undo Revoke Access button.

    Why Audit?
    You reduce your risk of unauthorized use of these apps, cut down on the chances of spammers taking over your account, and even remind yourself of tools and services you may have forgotten about. It’s a good idea to review your apps on a regular basis. Whether that’s once a quarter, twice a year, or annually depends entirely on your app usage. Just don’t neglect this aspect of maintenance. Your data will thank you.

    social media icon
Information Security Office, 1-408-554-5554,