Never Hand Out Your Password Again: Twitter Goes OAuth

Today’s the day – the “Oauthpocalypse” – that Twitter users and developers (well, mostly developers) have been anxiously awaiting. It’s the day that Twitter will begin using OAuth rather than basic authentication for third-party applications, a move that has implications for both users and developers alike.

At 8 a.m. today, Twitter shut down basic authentication forever and, if your Tweetdeck or other Twitter app doesn’t work, there’s likely something you can do – update.

For those on the user end of things, the switch to OAuth means both a better and more secure experience with third-party Twitter applications. No longer will you have to wonder if a semi-sketchy looking website is going to steal your password, because they will not be asking you for your password. You sign in with Twitter, on itself, and approve each app or website as you go, with a simple “approve” or “deny”.

Twitter notes in its blog post that you can always review what applications you have granted access to your account by looking at the Connections section under your settings. If you haven’t updated to the latest version of a Twitter app, you may find that it is broken and need to update for it to continue working.

As we explored when Twitter first started testing OAuth as a solution to its security woes, with this new system you will never have to cringe and give your Twitter password out to a stranger again. Another way to say that might be, never hand out your Twitter user name and password, ever again, as this switchover negates that process. And while it makes everything more secure, you’ll want to be aware that clicking “approve” means you’re giving that app carte blanche, read/write access to your Twitter account, so you should still weigh whether or not you want to give that particular application access before saying okay.

As for developers, the transition to OAuth from basic authentication has been a long time coming, with multiple emails sent out in the developers’ group, so many apps are already using the new system. If you have somehow missed all the hubbub over OAuth, then that’s what’s happening, and Twitter will no longer allow third-party apps to use basic authentication.

Facebook Comments