Why You Need to Stop Using Facebook, Twitter, or Google to Log Into Apps

You could be giving hackers the key to invade your privacy.

Practically every new app you download forces you to create an account. Instead of plugging in your email and trying to think of a password, linking to a social media account is so much more convenient—one click and you’re in. But you might pay the price for that time-saver.

By law, those third-party apps need to ask what information they can access, and who they can share it with. The problem is, you probably just click through without giving it a second thought. “When you get notice that says, ‘read our change in privacy policy,’ don’t flick it away like a mosquito,” says Adam Levin, founder of global identity protection and data risk services firm CyberScout and author of Swiped. The site could be asking for valuable information—like your contacts list, every page you like, and every quiz you take—that has nothing to do with how you use the app. That’s why you should never share these photos on Facebook.

Information is just plain valuable these days. Linking two accounts together means you’re sharing it in an even bigger way. “Data is the new currency,” says Eva Velasquez, CEO and president of Identity Theft Resource Center. “To have Facebook data combined with your shopping habits can be extremely valuable, not just to thieves but in current state of the world today.” If you bother reading the privacy policy, you might find out you’re signing away permission to sell that data.

As if that wasn’t unsettling enough, giving strangers access to personal information could make it easier to hack basically every account you’ve ever made, says Velasquez. Liked Bank of America’s Facebook page? Hackers know where to start. List your mom’s name in your About Me section? There goes one security question. Shared a picture of your dog? There goes another. These are things you should never do while using Public WiFi.

This-Is-Why-You-Should-Stop-Always-Using-Social-Media-to-Log-On-to-AppsTatiana Ayazo/Rd.com

To protect yourself from an easy-to-hack security question, Levin recommends lying. “You can tell them you went to Sky High for high school,” he says. “But if you’re going to lie, make sure you’re not so creative you can’t remember the lies and you get shut out.”

Not only can third-party sites gather and sell your information, but they could also post without your permission. Even if they don’t steal money from you directly, they could post racist or misogynistic comments, posing as you, says Velasquez. “Things get posted on accounts that are so egregious that it causes them to lose their job,” she says. “The reputational damage can have a financial impact on the victim, even if it’s not an actual theft.”

Plus, linking a site to your Facebook instead of making a separate login could leave that third-party app more vulnerable. “We know that social media sites are prime targets for hackers,” says Levin. If the hackers get onto your Facebook, there’s a chance they could find their way onto all the other apps you’ve connected it to, too. That’s why Velasquez recommends never linking a site that has sensitive information, like your credit card or Social Security number, with your social media account.

Some sites won’t let you on without connecting to Facebook, and others might ask for information you don’t mind sharing, so it’s up to you to decide when to link those accounts, says Levin. As a rule of thumb, though, it’s best to create a new username for every website and app, with long, strong passwords (i.e. none of these common passwords hackers will try) for each, he says. If you have trouble remembering them, get a password manager. Just read reviews first to make sure it doesn’t have bugs, says Levin.

Don’t sweat it too much if you’ve already given tons of apps access to your social media accounts. It’s easy enough to find what has access and disable them. “You can never undo the past info you’ve shared, and you did give somebody access, but you can lock the door behind them and say, ‘you don’t get it anymore,’” says Velasquez.

Here’s how to find which sites have access to your social media, and disable them if you want:

Settings > Apps

Facebook app:
Menu > Settings > Account Settings > Apps > Logged in with Facebook


Settings and Privacy > Apps

myaccount.google.com > Sign-in & Security > Connected apps & sites

Marissa Laliberte
Marissa Laliberte-Simonian is a London-based associate editor with the global promotions team at WebMD’s Medscape.com and was previously a staff writer for Reader's Digest. Her work has also appeared in Business Insider, Parents magazine, CreakyJoints, and the Baltimore Sun. You can find her on Instagram @marissasimonian.