If you’ve ever signed in to a third-party app or website using your Facebook account, you should take a moment and update a few security settings.
Facebook recently discovered that apps that had been removed — either automatically after 90 days of inactivity or manually by the user themselves — could still access some Facebook data. Facebook’s blog post on the error uses the specific example of someone using a fitness app “to invite their friends from their hometown to a workout, but we didn’t recognise that some of their friends had been inactive for many months.” The app could then collect more data without getting authorization from the user, simply because it was used before.
While there doesn’t appear to be any malicious intent, bugs like this could still lead to security issues. Luckily, Facebook fixed the issue immediately and found no evidence of leaks or mishandled data, but this is a good time to remove any apps linked to your Facebook account that you aren’t using anymore, just to be safe.
How to unlink third-party apps from your Facebook account
- Open the Facebook app on iOS or Android, or head to Facebook.com in a browser if you’re on desktop.
- Open the Settings menu, then scroll down and click/tap “Apps and Websites.” This opens a new menu with a list of all third-party apps and websites that you log into with Facebook or have granted access to your Facebook account in some way.
- Remove any apps you no longer want linked to your Facebook account (note: be sure to back up and/or delete any data from these apps/websites you want to save before unlinking it from your Facebook account.)
- If you don’t see any apps listed it means that you’ve either never logged into a third-party app using Facebook, or that it’s been long enough that Facebook removed them from your account for you (Facebook starts automatically removing apps from user accounts if they aren’t accessed for 90 days). Removed/unlinked apps might still have the data it previously collected on you, but won’t be able to track you after being removed.
The “Apps and Websites” menu also lets you edit your account’s default interactions with third-party apps through Facebook.
Click the “Edit” button under the Apps, Websites and Games or Game and App Notifications panel to turn the features on/off. Turning off Apps, Websites and Games will also remove all external apps from your account. Doing so also prevents you from sharing/liking content from other websites or platforms using embedded Facebook shortcuts, but it’s the best way to stop other websites (and Facebook, for that matter) from tracking your account activity.