How to understand the EOS permissions

The EOS account has two kind of permission by default: owner and active

The owner permission can manage any permissions. And the active can do the transfer, stake and other actions execution. Meanwhile, an account can have multi owner and multi active.

DApps need the active to execute some actions while you are using them, during which, some unsecure DApps will link some unknown actives to your account without notice you.

It is quite important for you to take care of the contracts’ details especially related to the Authority, in case of losing assets.

If you execute such contracts or actions accidentally, you should check your permissions as soon as possible.
Go to : TokenPocket -> Profile (tab bar) -> Manage Wallet -> Choose your wallet -> Authority Management . And check is there any doubtful public keys or account.