
Antipatterns for sale - Discussion on Twitter API phishing and OAuth - danw
http://simonwillison.net/2009/Jan/2/adactio/
======
ivey
It's great to see a company's API lead engaging in a discussion like this. I
feel like he's missing the point of the critics, though. OAuth may not solve
the phishing problem, but it has _demonstrable_ advantages over handing out
your passwords:

\- finer grained levels of access

\- ability to block one app without blocking the others

\- ability for Twitter to block an app entirely, across the userbase, if it
misbehaves

