Twitter, Facebook and LinkedIn are now the most common authentication methods used to access apps and products online, without having to fill up yet another profile.
The thing is, if you are like me, you sign up to try quite a few services and products every week/month, many of them from developers you don’t know much about.
A quick scan of my Twitter settings (Settings->Connections) shows over 130 apps have access to my Twitter account, the vast majority with Read&Write access meaning they can push to my feed at any given time without me being notified about it. And that’s Twitter only. I suspect the number goes way over 200+ if I add Facebook and LinkedIn.
I am not utterly paranoid but what is a bit frightening is the low level of control and information I have about what these apps do.
- When was the last time they connected to my account to read my info ?
- When was the last time they connected to my account to write ?
I rarely go back in my feed to check it so how would I know if some malicious app had pushed a message in my feed ?
I think it’d be nice for the service providers (Twitter, Facebook, LinkedIn) to do a bit of monitoring for their users so we can rapidly know if something weird of unexpected happened or if some app behave suspiciously. Like a mini-dashboard.
Or it might be a simple product idea for a startup.
The rise of these authentication services will probably continue has we like the convenience of using them to authentify ourselves to new services. I think it would make sense to expect some control over it.
What do you think ? Am I the only one looking for a bit more control there ?