Practically every new app you download forces you to create an account. Instead of plugging in your email and trying to think of a password, linking to a social media account is so much more convenient—one click and you’re in. But you might pay the price for that time-saver.
As if that wasn’t unsettling enough, giving strangers access to personal information could make it easier to hack basically every account you’ve ever made, says Velasquez. Liked Bank of America’s Facebook page? Hackers know where to start. List your mom’s name in your About Me section? There goes one security question. Shared a picture of your dog? There goes another.
To protect yourself from an easy-to-hack security question, Levin recommends lying. “You can tell them you went to Sky High for high school,” he says. “But if you’re going to lie, make sure you’re not so creative you can’t remember the lies and you get shut out.”
Not only can third-party sites gather and sell your information, but they could also post without your permission. Even if they don’t steal money from you directly, they could post racist or misogynistic comments, posing as you, says Velasquez. “Things get posted on accounts that are so egregious that it causes them to lose their job,” she says. “The reputational damage can have a financial impact on the victim, even if it’s not an actual theft.”
Plus, linking a site to your Facebook instead of making a separate login could leave that third-party app more vulnerable. “We know that social media sites are prime targets for hackers,” says Levin. If the hackers get onto your Facebook, there’s a chance they could find their way onto all the other apps you’ve connected it to, too. That’s why Velasquez recommends never linking a site that has sensitive information, like your credit card or Social Security number, with your social media account.
Some sites won’t let you on without connecting to Facebook, and others might ask for information you don’t mind sharing, so it’s up to you to decide when to link those accounts, says Levin. As a rule of thumb, though, it’s best to create a new username for every website and app, with long, strong passwords (i.e. none of these common passwords hackers will try) for each, he says. If you have trouble remembering them, get a password manager. Just read reviews first to make sure it doesn’t have bugs, says Levin.
Don’t sweat it too much if you’ve already given tons of apps access to your social media accounts. It’s easy enough to find what has access and disable them. “You can never undo the past info you’ve shared, and you did give somebody access, but you can lock the door behind them and say, ‘you don’t get it anymore,’” says Velasquez.
Here’s how to find which sites have access to your social media, and disable them if you want:
Settings > Apps
Menu > Settings > Account Settings > Apps > Logged in with Facebook
Settings and Privacy > Apps
myaccount.google.com > Sign-in & Security > Connected apps & sites