Which third party services have you granted access to your Twitter account?

Motivation

Can't remember all third party applications you have granted access to Twitter? Me neither! It might be wise to remove the ones you do not use anymore, just to be more secure.

Each week I listen to security expert Graham Cluleys great podcast Smashing Security. In this weeks episode he talked about how his twitter account posted some nazi propaganda last week.

Even though he had two factor authentication set, he had earlier accepted a third party app, Twitter Counter, with read and write permissions to his Twitter account. Twitter Counter got hacked, and the hackers posted this to several other Twitter accounts too through the access of Twitter Counter.

Check your own Twitter account

I found several services I don't use anymore and

Enter your Twitter settings (https://twitter.com/settings/applications) and take a look. Something old here with both read and write access? Even messaging? You can disable them one by one with just a click.

In the picture above, if I would like to revoke the IFTTT application, I just press the Revoke access button. The button will change:

Just leave the button like this if you wanted to revoke the access, otherwise press the now "Undo Revoke Access" button to get the access back.

In my case I found several third party apps I had forgotten about, some from 2010(!):

  • Flipboard Permissions: read, write, and direct messages
    Approved: Tuesday, October 11, 2011 at 7:14:08 PM
  • CTFtime.org Permissions: read-only
    Approved: Thursday, August 21, 2014 at 8:25:23 PM
  • Bluenod Permissions: read and write
    Approved: Thursday, June 11, 2015 at 9:16:44 AM
  • IFTTT Permissions: read, write, and direct messages
    Approved: Sunday, October 18, 2015 at 6:24:25 AM
  • Futuretweets V3 Permissions: read and write
    Approved: Tuesday, July 14, 2015 at 9:01:57 PM
  • Twittimer Permissions: read and write
    Approved: Wednesday, June 8, 2016 at 7:34:52 AM
  • Google Wave (Tweety) Permissions: read and write
    Approved: Monday, February 1, 2010 at 6:45:29 PM
  • img.mu Permissions: read and write
    Approved: Tuesday, December 10, 2013 at 4:26:05 PM
  • LinkedIn Permissions: read and write
    Approved: Tuesday, December 27, 2011 at 6:32:42 AM
  • Tweetbot Permissions: read and write
    Approved: Monday, August 25, 2014 at 4:47:47 PM
  • TweetCaster Permissions: read and write
    Approved: Thursday, November 22, 2012 at 8:41:51 AM
  • Commun.it Permissions: read, write, and direct messages
    Approved: Wednesday, October 7, 2015 at 1:53:04 PM
  • DISQUS Permissions: read and write
    Approved: Friday, June 10, 2016 at 6:19:40 PM
  • Nambu Permissions: read and write
    Approved: Thursday, November 22, 2012 at 7:15:39 AM
  • Periscope Web Permissions: read-only
    Approved: Saturday, March 11, 2017 at 12:13:06 PM
  • Twitpic Permissions: read and write
    Approved: Thursday, November 28, 2013 at 3:28:48 PM
  • TweetDeck Permissions: read, write, and direct messages
    Approved: Thursday, November 22, 2012 at 6:59:48 AM

Other Accounts?

Well, this was just about Twitter. What about other application you have accepted third party applications to have read and write access to? Take a look at:

Happy access cleaning! :-)