There’s been a lot of brouhaha this week about Gmail and the access that it’s giving third-party apps to your email. I already outlined exactly why this is not something to be particularly concerned about and how those headlines might be misleading to some. One of the key takeaways of my argument is that you still have control over your data and who gets to use it, so here’s how to do that…
How to remove third-party access to your Gmail inbox w/ Google Security Checkup
- Open up Security Checkup
- Remove third-party access
- You’re done
1. Open up Security Checkup
The primary key to making sure there aren’t any nefarious app developers out there using your Gmail inbox in ways it shouldn’t is a nifty tool Google offers called Security Checkup. It does exactly what any “checkup” does; you can run through a list of ways companies and apps outside of Google are using your account and decide how to act on them on a case-by-case basis.
You can click here to access the Security Checkup page, and you’ll want to make sure that you’re signed in to the appropriate Google account. If you have multiple, you may want to do a checkup for multiple accounts.
We’re primarily covering how to revoke third-party access to Gmail in this how-to, but the Security Checkup has many valuable uses beyond that. You can see which devices you own that might need a passcode lock, events that may have triggered a security warning, and update your verification methods including backup email addresses, your phone number, and more.
2. Remove third-party access
If you scroll down you’ll see a section titled “third-party access”. Google estimates the risk of the apps associated with your account, and tells you how many you have in that category. In my case, I have 5 apps that have “low risk access to your data”. One of those is Boomerang for Gmail.
You can quickly remove access by clicking “Remove Access,” but you can also click the small “i” button to getting a better glimpse of the app and details about the access it has. In this case, Boomerang has access to read, send, delete, and manage my email and it has 1-5 million Google Account users.
(To be clear, I’m not accusing Boomerang of doing anything malicious with your emails. They don’t.)
Of course, it’s worth remembering that if you revoke access to an app, you’ll lose access to all the functionality that that app brings. In the case of Boomerang, it’s an app that adds a bunch of features to Gmail such as the ability to schedule emails, and I’ll lose those features if I revoke access.
3. You’re done
And that’s it. Just “Remove Access” to all the Gmail-related apps that you don’t use. If you aren’t sure if you use it, then you probably don’t. And even if you later find out that you did, you can always give the app access again. I personally lean on the side of revoking access if I’m not sure about an app.
You might be familiar with the concept because it’s not unique to Google. On Facebook and Twitter as well, you can find a list of apps that you’ve authorized to use your account and data. You might be surprised by how many apps you’ve mindlessly given your data to, but that’s why we’re doing this — it’s just good practice to make sure that third-parties don’t have access to things they shouldn’t.