When you log into a website or app using your Facebook account, you are granting that third party access to certain information from your Facebook profile. The permissions that you agree to when logging in with Facebook allow the app or website to retrieve data like your name, profile photo, email address, and more. Understanding what permissions you are enabling can help you better control your privacy when using Facebook login.
Basic Permissions
The most basic permissions that a third party app or site needs to enable Facebook Login are:
- Public profile – Your name, profile picture, cover photo, gender, networks, username, and User ID
- Email address
These basic permissions allow the app or site to identify you and pull some basic information from your public Facebook profile. Your email address is also provided to allow the app to securely associate your Facebook account with an account on their site.
Extended Profile Permissions
Beyond the basic permissions, third party apps and sites can request extended permissions to access more of your Facebook profile information. Some common extended profile permissions include:
- User birthday – Your birthday as you’ve provided it in your Facebook profile
- User hometown – The hometown you’ve listed in your profile
- User location – Your current city as listed in your profile
- User likes – Pages and interests you’ve liked on Facebook
- User photos – Albums and photos you’ve shared on Facebook
- User videos – Videos you’ve shared or been tagged in on Facebook
- User friends – Your friends list and the profiles of your friends
Apps and sites may request extended permissions like these to understand more about you and personalize your experience. However, sharing additional profile info comes with increased privacy risks.
Publish Permissions
Publish permissions allow a third party app to post content to Facebook on your behalf. Some publish permissions include:
- Publish to the Facebook timeline – Post status updates, photos, videos, and more to your timeline
- Publish Instagram media – Post photos to Instagram connected to your Facebook account
- Publish Facebook events – Create and manage Facebook events as you
These publishing permissions should only be granted to trusted apps that need to regularly post content for you. Granting open publishing access comes with risks of spamming your friends or misrepresenting you.
Review Permissions
When logging into an app or site with Facebook, carefully review the permissions being requested before accepting them. Look for permissions that seem unnecessary for the app’s functionality or present privacy risks.
Here are some tips for reviewing Facebook login permissions:
- Watch for broad permissions like “Access all profile data” that grant wide access
- Consider whether each permission makes sense for the app’s core functionality
- Avoid granting publishing permissions to unfamiliar third parties
- Revoke permissions for unused apps in your Facebook settings
- Install privacy management tools that alert you to risky permissions
Limit App Permissions
If an app requests unnecessary or high-risk permissions, consider limiting the access you grant:
- Cancel the login and use an alternative without Facebook if possible
- Only agree to more basic permissions like public profile and email
- Look for a “Limit App Permissions” link to selectively decline certain access
- Use your Facebook privacy settings to hide or limit profile data
Restricting permissions can sometimes mean you miss out on certain app features, but it protects your privacy and security.
Revoke App Access
If you’ve previously granted an app excessive permissions, you can revoke its access entirely:
- Go to your Facebook Settings
- Select “Apps and Websites” in the left column
- Click the “Logged in with Facebook” tab
- Locate the app and click “Remove”
The app will immediately lose all access to your Facebook profile data. You can always grant limited permissions again if needed. Regularly pruning unnecessary app permissions is good practice.
Two-Factor Login Approval
For increased security when logging into new third party apps with Facebook, enable two-factor authentication approval:
- In Facebook Settings, go to Security > Login Approvals
- Toggle on the “Require Approval” switch
Now when you first log into an app with Facebook, you’ll be prompted to approve the login through email, text message, or authenticator app code. This adds an extra layer of protection against unauthorized logins.
Login Notifications
It’s also a good idea to turn on login notifications in your Facebook Settings:
- Go to Settings > Security and Login
- Toggle on “Get alerts about unrecognized logins”
You’ll now receive notifications whenever your Facebook account is accessed from a new device or browser, letting you monitor suspicious activity.
Use Caution with Facebook Login
While Facebook Login offers a convenient way to create accounts and authenticate with apps and sites, it also comes with risks:
- Oversharing personal information stored on Facebook
- Enabling broad publishing permissions
- Granting long-term access without ongoing review
- Exposing your account to unauthorized access
Stay vigilant in protecting your Facebook account when using Facebook Login. Limit app permissions, leverage security options, and routinely audit and revoke unnecessary third party access.
| Permission Type | Example Permissions | Risk Level |
|---|---|---|
| Basic | Public profile, Email address | Low |
| Extended Profile | Birthday, Hometown, Likes | Moderate |
| Publish | Post to timeline, Create events | High |
Top 5 Facebook Login Permissions
- Public profile
- Email address
- User birthday
- User hometown
- Publish to timeline
Conclusion
Facebook Login provides great convenience for users, but also exposes profile data in exchange. Be selective when granting permissions, limit access to truly necessary info, leverage security options, and routinely audit and revoke obsolete app permissions. Careful management of Facebook Login can help maximize benefits while minimizing privacy risks.