Do you give mobile apps the keys to your kingdom?

Summary:We are using more mobile apps than ever on our gadgets and many of them interact with our online accounts. Linking apps to online accounts can give them access to all kinds of personal information.

hacker-ninja

This week we've heard the horrendous tale of Wired reporter Mat Honan's getting all of his mobile devices hacked. Honan's situation could have been worse but was frighteningly bad enough, made worse by his linking various online accounts. His situation was the result of a team of hackers determined to get into his Twitter account, but the fact is many of us willingly give mobile apps the keys to our online existence.

See related:

Do you use an app to work with your Twitter account on your phone or tablet? Most of us do and that means we've voluntarily given our Twitter login credentials to someone we don't know. Most app developers are good folks but lets face it we can't know that when we enter our credentials in the app.

Handing over our Twitter credentials isn't that risky, a bad guy could only post bad tweets under our Twitter handle. Or worse they could change login information, thus locking us out of our own Twitter account. That's how Honan discovered he had been hacked when the bad guys posted racist and homophobic tweets to Gizmodo's Twitter account. Honan used to work for Gizmodo and had linked his personal Twitter account to Gizmodo's.

Twitter aside, many of us have willingly given our Gmail credentials to various mobile apps. This is a huge exposure for compromise as that login gives access to our Google account. That affects email, Android devices for those who use them, and even the Google Wallet account, an online payment system. The keys to our entire mobile kingdom in other words.

Apps that work with Google Reader are commonly used, and they require the Google login credentials to work. Many of you, like I have done, have entered your Gmail login to such apps. We have willingly handed access to our entire Google online existence to a perfect stranger or strangers.

Email apps are a dime a dozen and if you've installed one or two you have given your email account credentials to those apps to make them work. The risk is not very great if the apps come from known identities but that's not always the case. Many apps come from small developers, perfect strangers in other words. Even if we check them out and they are good guys, what happens in the future if they sell the app to someone else? Our login information is part of the deal.

It's worth repeating that most app developers are great people who take pride in protecting user information. That doesn't mean there aren't some bad folks out there, and when an app asks for those account credentials we should think twice about just handing them over.

Good developers use proper techniques to keep our important credentials safe. If an app asks directly for your Gmail login credentials, think twice before handing them over. 

Image credit: Flickr user zodman

Topics: Apps, Google, Privacy, Security

About

James Kendrick has been using mobile devices since they weighed 30 pounds, and has been sharing his insights on mobile technology for almost that long. Prior to joining ZDNet, James was the Founding Editor of jkOnTheRun, a CNET Top 100 Tech Blog that was acquired by GigaOM in 2008 and is now part of that prestigious tech network. James' w... Full Bio

zdnet_core.socialButton.googleLabel Contact Disclosure

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.