James Mayes

Blog: Secure your Twitter account – Spring cleaning time!

In Social Media, Twitter, Twitter Tips on March 2, 2011 at 1:11 pm

Once again, Twitter’s been hit by a few rogue applications over the last week.  The two that have caught me are MyTwitterDirectory and Time on Twitter.  Both require you to sign in with Twitter, and both immediately tweet on your behalf, without expressly asking your permission.  Whilst I haven’t checked the fine print, I’m pretty sure this goes against the spirit of the Twitter API terms of service, so I doubt they will be around for long.  In the meantime though, what should you do?

  1. Delete the offending tweet.  These things tweet in order to be visible to your followers and grow. By removing the tweet from your stream, you reduce the number of people likely to get caught. Security firm Sophos has a more detailed explanation of this.
  2. Revoke the applications’ access.

The second part effectively removes the connection between your Twitter account and the app – so stops it doing anything in future. If you check, you’ll probably find you have a bunch of other apps you’ve authorised in the past and either forgot about or moved on from.

Use this as a good opportunity to do a Spring clean. First up, go to twitter.com and log in. Next, open up your account Settings menu. On “New Twitter” (bravely assuming you’ve all now made the transition!) the menu is in the top-right corner.

Once you’re in the Settings menu, you’ll have a series of options presented.  Choose Connections.

You’ll now have a list of all the apps which have authorised access to your Twitter account.  More than you thought, I’ll wager.  Underneath each, you’ll see the option to Revoke.  Click it for each app you wish to remove.

UPDATE Oct 2011: Layout is roughly the same; Connections is now renamed Applications.

Be careful at this point not to get over-zealous.  For example, you may not have a WordPress blog, but you might have authorised it to make it easier for you to comment on other people’s – you’ll therefore want to continue to allow that. Likewise, don’t inadvertently remove the app you use for access from your phone!

Hope this helps – feedback, as always, is most welcome.

  1. Very interesting, although I don’t fully understand how to use Twitter lol.

  2. Useful post James, thank you. (Amusingly I did just have to authorise WordPress so I could leave this comment! LOL)

    • Good to see! WordPress might be, at its heart, a public blogging platform – but it’s right and proper that it protects your privacy when you use your user account on a site you don’t own!
