Backlit is in private, invite-only beta, public launch coming soon.
Coming soon

June 6, 2026 · Guide

How to keep an app you built with AI from getting hacked

Apps built quickly with AI keep getting hacked, almost always at the login. Here's what actually goes wrong, and how to share your app without owning the hard security part yourself.

There’s a steady stream of stories now: someone builds an app with AI in an afternoon, shares it, and a week later finds it has leaked its data or been quietly tampered with. It’s becoming one of the most visible risks of building fast. The good news is that the failure is almost always in the same place, and you don’t have to be the one who fixes it.

The quick answer

Apps built with AI usually get hacked at the login and access layer: there’s no real authentication, or it was hand-rolled and is easy to bypass, or the data is readable by anyone who has the link. The safe move is to not build that part yourself. Host the app somewhere that handles sign-in, access control, and per-user data isolation for you. On Backlit, all of that is built in, so the riskiest part of sharing an app isn’t on your shoulders.

Why AI-built apps are easy targets

The thing that makes AI so good for building, speed, is also what skips the boring, critical security step. A model will happily write you a slick login form, but a form is just the front door’s paint. Real authentication lives on a server: verifying who someone is, issuing a session that can’t be forged, and checking on every request whether this person is allowed to see this data. That part is easy to leave out and hard to notice is missing, because the app still looks like it works.

So the same app that feels finished is often wide open.

The three things that actually get exploited

  • No real authentication. The app trusts the browser. Anyone with the URL is treated as a valid user, because there’s nothing actually checking identity on the server.
  • No access control. Even when there’s a login, every signed-in person can often read everyone’s data, because the app never separates one user’s records from another’s.
  • Secrets in the page. API keys or tokens get baked into the HTML or JavaScript, where anyone can open the page source and read them.

None of these is exotic. They’re the default state of an app that was built quickly and never had a security pass.

Why you shouldn’t try to fix this yourself

The instinct is to ask the AI to “add authentication.” Resist it. Authentication is a security domain, not a feature: sessions, token signing, replay protection, allowlists, password handling if you go that route. Getting it subtly wrong is worse than having none, because it gives you false confidence. This is exactly the kind of work that should be handled by infrastructure that’s been built and tested for it, not generated fresh for each app.

Let the host own the hard part

This is the case for hosting your app somewhere that treats security as part of the platform. On Backlit, the app you built sits behind a managed access layer you didn’t have to write:

  • Real sign-in (Lens). Magic link, Google, or Microsoft. Identity is verified on the server, not assumed from the browser.
  • An allowlist. You decide exactly who gets in: specific emails, or a whole domain. Everyone else is turned away at the door, even with the link.
  • Private by default. A new app isn’t public. It requires sign-in unless you deliberately choose to open it.
  • Per-user data isolation. Each signed-in person gets their own data silo, keyed to their verified email. One user cannot read another’s.
  • No secrets in the browser. Server-to-server keys are stored as hashes and never shipped to the page, so there’s nothing sensitive to scrape from the source.
  • Region-pinned storage. Data stays in the region you chose and isn’t copied elsewhere.

The message is simple: you focus on the app, and the hard, risky part is covered. For most people sharing something they built with AI, that’s the difference between “I think it’s fine” and “I know the front door is locked.”

What’s still your job (an honest line)

Backlit secures access to your app and isolates its data. It does not audit the app’s own logic. If your app does something unsafe with the content it shows, that’s still yours to get right, and the basics apply: collect only the data you actually need, and don’t paste real secrets into the app’s code. Backlit gives you a locked door and separate rooms. What you keep in them, and how the app behaves once someone’s inside, is on you.

That division is the point, though. The part that’s genuinely hard and genuinely dangerous to get wrong, identity and access, is handled. The part that’s left is ordinary care.

The takeaway

If you’ve built something with AI and you’re nervous about sharing it, that instinct is correct, and the fix isn’t to bolt on more code. It’s to put the app somewhere that owns authentication and access control for you. Add the login by hosting it on Backlit, not by hand. Related reading: how to add a login to an AI-generated app and how to share an AI-built app privately. Or see how it works.

Built an app with Claude or ChatGPT? Get early access to Backlit and share it in seconds.