Saturday, March 6, 2021
CybersecFill
Advertisement
  • Home
  • Events
  • News
  • security tips
  • Article
  • Contact Us
No Result
View All Result
  • Home
  • Events
  • News
  • security tips
  • Article
  • Contact Us
No Result
View All Result
CybersecFill
No Result
View All Result
Home Blog

Social Media Security Series: Part 1

Cybersecfill by Cybersecfill
February 24, 2020
in Blog
0
Third party application
Share on FacebookShare on Twitter

Third Party Permissions and Session Management in Social Media

It has become apparent that online account management is a hugely neglected part of our social media experience. Most of the attention is on passwords and more recently, 2-factor authentication; which is great. I’ll like to highlight a constantly ignored aspect of account management and privacy generally referred to as 3rd Party Access.

I’ll also touch a bit on Session Management because they as similar concepts. At the end of this article, you should understand what the concepts are and know how to better manage your social media accounts. For the sake of this article, our focal platform will be Twitter; and we’ll briefly cover Instagram and LinkedIn as well.

Simply put, a 3rd party is anyone who isn’t directly involved in an agreement. A very common example, is a service offering users a way to view all the people who aren’t following them back on Twitter. In this scenario, Twitter provides the users a service – which you’ve agreed to when creating your account; while this 3rd party service is like a bonus feature as twitter can function without it.

So why am I talking about 3rd Party Access..?

3rd party services tend to offer something attractive to users, in exchange for some access to your account. If they want to give you a list of everyone who isn’t following back, they need to see who you’re following and who is following you first. Once you give them access to your account, they can do whatever they are permitted to (whatever you agreed to let them do when registering for their service). So you want to be careful when clicking ‘next’ or ‘agree’ on apps and websites.

In some cases, they could have access to your DMs, trends, timeline, followers, with the ability to make modifications. Another danger is that their access could be persistent forever. Meaning that – as long as you don’t revoke that access, it remains.

So if you come across this article, please join me as we check to see what 3rd party services have access to our Twitter accounts, and for how long.

Third Party Access and Session Management for Twitter

The steps are as follows:

  1. In the app options, tap ‘Settings and privacy’.
  2. Select ‘Account’ – this should reveal your account information, as shown in the  image below.
  3. Scroll down and select ‘Apps and Sessions’ – this should take you into the  embedded browser and display a page like the one shown below. This shows a list of every app (service) that has access to your account, and a list of every device your account is logged into – also known as Sessions.
  4. To revoke access, select the app you don’t want to have access to your account by clicking on it.
  5. Click ‘Revoke Access’ – usually in red. Below, access has been revoked hence “undo revoke access”.

As you can tell by now, even though a user may have forgotten about the service over time, the access remains until revoked. A reason to revoke them is many of these 3rd parties are not as diligent in handling data or as security conscious as Twitter.

I urge you to also look at the Sessions. Perhaps you’re wondering how your ex always knows what you’re up to LOL. You could have logged in on his/her device in the past, and never logged out, and now they can read your messages. So log out sessions you do not recognise immediately by tapping the device you and tapping “Log out of the device shown”.

To log out all sessions bar the one you’re using, tap the “Log out all other sessions” button, on the “Apps and Sessions” page. Also, make it a rule to log out all sessions whenever you change your password. This will ensure that every device you have logged in through, will be logged out and require the new password to log in.

Note that these concerns cut across all social media platforms that have such features. Keep reading to learn how to manage 3rd party access and sessions on Instagram and LinkedIn.

Third Party Access and Session Management for Instagram

Here are the 3rd party management steps for Instagram:

1.Go to your profile and tap ‘Settings’. A page like the image below will be displayed.

2.Select ‘Security’.

3.Scroll to ‘Apps and Websites’ and select it. You’ll be shown 2 categories namely; Active and Expired.

4.Select ‘Active’ to display the apps and websites that you have granted access to in the past.

 

5.You can now review this list. If you decide that you do not want these apps and websites to have access to your information and profile, click on the ‘Remove’ button – next to the name of the app or website in question. But if you’re okay with the list, press back.

6.For session management, select ‘Security’ in the settings, and go to ‘Login Activity’. This will display all the devices where your account is logged into.

7.After reviewing them, select the ‘Options’ button on the one you want to remove and hit ‘Log out’.

Third Party Access and Session Management for LinkedIn

Lastly, here are the 3rd party management steps for LinkedIn:

  1. Tap your profile picture at the top left corner of the screen and tap ‘View profile’. On your profile page, select the settings symbol at the top right corner.
  2. Under the ‘Account’ tab, select ‘Permitted services’.

  1. Like we have done for Twitter and Instagram, go through the listed services and decide if you want to revoke access or not.
  2. Select the service in question to view the option to revoke permissions.
  3. For session management – still within the ‘Account’ tab, select “Where you’re signed in”; which shows your active sessions.

 

  1. To log out from a device, scroll to the device in question and tap the ‘End’ button on the far right of the session details.

And that’s basically what you need to know about 3rd party and session management on Twitter, Instagram, and Facebook.

Remember to share this important post with your friends and family because we are responsible for our internet safety and data privacy.

Watch out for the Part 2 of this Social Media Security Series.

About Author

Samaila Bako is a Cyber Security Awareness Trainer who is passionate about digital forensics, social engineering, and device security. He is a certified ethical hacker who is interested in how emerging technologies like Internet of Things, Cloud and Artificial Intelligence, affect the size and safety of data.

Twitter – @atsen_

 

Subscribe To Our Newsletter

Join our mailing list to receive the latest news and updates from our team.

You have Successfully Subscribed!

Tags: cyberintelligencecybersecurityNigeriasocial media
Cybersecfill

Cybersecfill

An independent Nigeria cybersecurity blog aimed at sharing cybersecurity news, articles ,blog and opinins.

Next Post
COVID-19-a-new-work-order

COVID-19: Security in the Wake of a New Work Order

Subscribe

Subscribe To Our Newsletter

Subscribe To Our Newsletter

Join our mailing list to receive the latest news and updates from our team.

You have Successfully Subscribed!

  • Trending
  • Comments
  • Latest
credit card cloning

How Credit/Debit Cards are Cloned / Preventing Card Cloning

December 26, 2019
Wifi 6 Security

Did Wi-Fi 6 come with an Improvement In Security?

May 13, 2019
Nationa Cybersecurity Strategy

A Review of the Nigeria National Cybersecurity Strategy

July 1, 2019
Wireless Access Point

How To Secure Your Wireless Access Point (WAP)

August 3, 2019
Facebook

Facebook’s New Settings Allows Hackers To Easily Pentest Facebook,Instagram Mobile Applications

8
Nationa Cybersecurity Strategy

A Review of the Nigeria National Cybersecurity Strategy

6
Cybersecurity Jobs

Cybersecurity Jobs – You can create your own Cybersecurity Role

4
open Source intelligence tools

Open Source Intelligence tools – OSINT

4
Smart Phones…. Prime target for Cybercriminals!

Smart Phones…. Prime target for Cybercriminals!

March 5, 2021
Insider Threat!!!

Insider Threat!!!

March 4, 2021
5G Dangers: What are the Cybersecurity implications?

5G Dangers: What are the Cybersecurity implications?

March 1, 2021
Key Differences Between Firewall And Antivirus

Key Differences Between Firewall And Antivirus

February 27, 2021

Recommended

Smart Phones…. Prime target for Cybercriminals!

Smart Phones…. Prime target for Cybercriminals!

March 5, 2021
Insider Threat!!!

Insider Threat!!!

March 4, 2021
5G Dangers: What are the Cybersecurity implications?

5G Dangers: What are the Cybersecurity implications?

March 1, 2021
Key Differences Between Firewall And Antivirus

Key Differences Between Firewall And Antivirus

February 27, 2021

© 2020 CybersecFill. All Rights Reserved.

No Result
View All Result
  • Home
  • Events
  • News
  • security tips
  • Article
  • Contact Us

© 2020 CybersecFill. All Rights Reserved.