Revoking Google's Authentication Token for Lost Devices

This KB Article References: Google Drive
This Information is Intended for: Instructors, Staff, Students
Created: 09/07/2012 Last Updated: 03/01/2024

If you use a University-owned or personal computer, mobile phone, or tablet to access Stony Brook University data stored in Google Apps or some other system, you are required to password protect your devices to ensure that access to SB data is not compromised. If your mobile device, laptop, or tablet computer is ever lost or stolen and you have not password protected the device and have not signed out of Google Apps, someone else could gain access to the contents of your Google applications. 

If You Lose a Device

  1. Immediately change your NetID password
  2. Go online to remove an application, service, or site's access to your Google account at https://accounts.google.com/b/0/IssuedAuthSubTokens?hl=en. From this link, click on  the apps/sites that you want to remove access for, and then click Remove. Once a token is revoked or invalidated, no one else will be able to access the contents of your applications.
    remove access from apps/sites connected to Google Account
  3. In Google Mail, you can view a list of last account activity and open sessions by clicking on the "Details" link in the bottom right corner of your mail inbox. From there, click Sign out all other web sessions.
    Google mail account activity with Sign out of all other web sessions button

For extra security, you may want to sign up for Google's 2-step verification which allows for the creation of application-specific passwords. To learn more, watch Google's YouTube video on using 2-step verification and application-specific passwords (3:28).

Supported By

Customer Engagement and Support
Customer Engagement and Support Help Portal