Do you remember the Myspace page you created in 2005? Or the Tumblr blog from 2009? And the Ticketmaster account you created to go to that concert four years ago?
Most of us have online accounts that we no longer use, but that still exist — zombies that live on long after we need them. We may forget about them, but these accounts pose a risk. They make us more vulnerable to criminals who want to steal the personal data stored there, from our passwords to our contact information and even our credit card numbers.
The danger could be greatest for those who tend to use the same login details across multiple sites, experts say. That’s because hackers who breach a service with little or no valuable information — such as an old photo app with a handful of cat pictures — could apply your login details to more important sites, such as your bank. In fact, a 2021 study by MIT uncovered a cache of stolen data for sale on the dark web that included more than three billion usernames, many with their passwords.
The more online accounts you have, the bigger the target on your back – and you may have more accounts than you think. A 2024 survey by password management company NordPass suggests the average internet user has around 168.
“If it’s a company that I still use regularly, that I have an active relationship with — maybe I like being part of their repeat customer program — this is not a company where I should be deleting my data,” says Ginny Fahs, director of product research and development at the Consumer Reports Innovation Lab. “But for companies like the social media sites I tried as a teenager, that data no longer has any value to me.” You may not remember all of your accounts, but you can rediscover many of them in web browsers, apps, and even your inbox. The process of deleting these accounts has become easier thanks to new privacy laws that require companies, at least in some U.S. states, to honor deletion requests, and a tool developed by Fahs’ team is one strategy for finding and removing zombie accounts.
Find stored logins
A lot of login data for online accounts is stored in web browsers, operating systems, and password management applications, so you can start your zombie hunt there.
If you’re in Chrome on a desktop computer, click the three vertical dots at the top right of the window, then navigate to Passwords & Autofill Google Password Manager to see a list of accounts the browser has stored. In Apple’s Safari browser, click Safari Settings Passwords at the top left. You should also look in your device’s operating system for any account login data that might be stored there. On Android phones, go to Settings Search and search for “Password Manager.” On iPhones, go to Settings Passwords. On Apple Mac computers, search for “Keychain Access” and then tap “Open Passwords.” Microsoft Windows doesn’t have a built-in password manager. Finally, some people use password management apps like 1Password, Bitwarden, or Dashlane to store logins, so be sure to look there for a list of accounts, if applicable.
Check out apps
You may discover more forgotten accounts by searching for apps or services you’ve linked to other networks. For example, you might rediscover an Expedia account when you see that you’ve authorized it to share information with Google; or perhaps you’ve authorized Pinterest and Twitch to do the same with Facebook.
To find linked apps or services on Google, for example, sign in, click your user icon in the top right, then click Manage your Google Account Security and scroll down to “Your connections to third-party apps and services.” On Facebook, click your profile picture in the top right, click Settings & privacy Settings, then scroll down the left-hand menu and click “Apps & websites.” It’s also a good idea to look in mobile apps for accounts associated with them. On Android phones, go to the Play app home screen, tap your avatar in the top right, then tap Payments & subscriptions to see current and expired accounts. On iPhones, go to Settings, click your name at the top, and click Subscriptions. You can also check apps on devices like smart TVs and smart speakers. Finally, check your email for messages from services you’ve signed up for, such as welcome messages, instructions for verifying your email address, or alerts about privacy policy changes.
Delete accounts
Once you have your list of zombies, it’s time to eliminate them.
In some cases, deactivating an account also sets in motion the process of deleting your data. In other cases, it doesn’t and you must specifically select the delete option to erase your data from the site. It’s also important to remember that disconnecting a service from your Facebook account or deleting an app from your phone doesn’t delete the account. That must be done separately, either in the app or on the company’s website. The account deletion process became much easier in 2022 when Consumer Reports launched Permission Slip, a free app for iOS and Android that directs you to the “delete account” webpage for nearly 350 sites. Permission Slip can automatically submit requests on your behalf to about half of those. Fahs says Consumer Reports plans by the end of the year to significantly increase the total number of sites included in the app, as well as those with automatic deletion. For sites not included in the Permission Slip app, try looking in the company’s privacy policy for instructions on how to close or delete an account. Some companies also link to this information at the bottom of their homepage. If all else fails, try searching online for the company’s name and terms like “close account” or “delete account.” Deleting your data can take days or weeks, and some companies may ignore requests.
#Unused #online #accounts #security #reasons #rid