I had on my list to check out Leave Me Alone, a service that purportedly helps unsubscribe you from newsletters and such. You give it access, and it, presumably, starts digging through your email finding newsletters it can help you unsubscribe from. Seems useful, if you trust a third-party reading your email. That’s a big leap for me, erroring on “no”.
I thought I’d just sign up and get as far as I could before it got creepy. This is where it got creepy:
There is a step here where you have to type in your Gmail password into their app. Nope. You never see this. Google has secure auth systems where the only place you type in your password in on a real secure Google URL. No way in hell am I coughing up a password like that to a third-party.
Remember, if your email is hacked, your entire life is hacked. The person with access to your email can reset your password anywhere else.
I have no idea if the company is credible or not, and to their credit, they tell you to turn on 2-factor auth before proceeding, but this just smells all kinds of fishy.