

Show HN: Echelon – A safe way to manage your company’s Twitter accounts - jalada
http://www.echelon.io

======
peterkelly
May I just suggest a different name (see
[http://en.wikipedia.org/wiki/ECHELON](http://en.wikipedia.org/wiki/ECHELON))

~~~
quantumpotato_
Forgot your password? Just visit our website
[http://itanimulli.com](http://itanimulli.com) for convenient access to all
records.

------
petercooper
I must admit I didn't sign up yet - just read the homepage - but something
that would be super useful on such a system is throttling tweets.

I've seen more than a few instances where an employee screws up or goes
'rogue' and either goes off on a rant or posts the same thing over and over.
It'd be great to only allow employees to post, say, once per hour or whatever,
so any problems could be contained.

~~~
iamben
Or perhaps an employee kill switch that deletes every tweet they've made in
the last user-defined number of hours?

~~~
petermacrobert
That is a great idea, thanks – will definitely add to the product ideas log.

\-- Pete, founder, Pixie Labs

------
Stratego
The invitation flow is very roundabout (even if you sheepishly admit it :-)),
and the group account invitation doesn't seem to work at first. I tried to
authorize a third-party account (inside of an anonymous tab) three times and
the invitation didn't seem to be redeemed when I was redirected from Twitter
to Echelon.

At first I thought something was wrong because, perhaps, you didn't set a
"return to" URL to complete the invitation acceptance (which you should do if
it's at all possible, to prevent your users from having to repeat an action).
That was the behavior I expected since the invitation URL's log in prompt said
"Sign in to accept".

What really happened is that the Twitter authorize call doesn't — in fact —
trigger the acceptance of the invitation, it simply creates an Echelon
account. I had to hunt down the "Notifications" section through the Menu while
there was no sign where I had landed after the OAuth trip that there were any
notifications waiting for me.

You should find a way to surface these notifications where you users are going
to land after the Twitter authorize call, otherwise the experience is going to
be as frustrating for them as it was for me — that is until they do the work
your application should be doing for them: letting them know what actions they
need to proceed with next in order to have a fully functioning account.

Now I have to say this is a cool app, I especially like the fact that
individual user accounts are used and therefore everything can be logged so
the whole team can be aware of the outgoing Twitter activity for each "group
account".

~~~
jalada
This feedback is really useful; we've struggled to nail the process as it is
generally very cumbersome having to sign in & out of Twitter accounts (but
it's the most secure way, as opposed to XAuth, which would be a possible
alternative).

The key thing here is showing the user they have a new invite/notification,
which we will add ASAP.

------
liampmccabe
Working on something similar. A free Twitter manager for individuals/teams
that includes analytics and scheduling. A couple of screens
[http://i.imgur.com/0bCOizS.png](http://i.imgur.com/0bCOizS.png)
[http://i.imgur.com/rYfCKdN.png](http://i.imgur.com/rYfCKdN.png) Interesting
to see how you've done things, good luck! :)

~~~
polynomial
Echelon looks quite good, but needs to include Tweet scheduling before we
would be able to make the switch.

~~~
petermacrobert
Hi Polynomial, this feature is the one we're working on right now :)

\-- Pete, founder, Pixie Labs

------
blowski
Most of our Tweets come from events where users are on iPhone or Android, so
access to Echelon through a mobile app is essential.

HootSuite offers this already, and it's only a little bit more expensive than
Echelon, so why should we switch? Genuine question as HootSuite has its own
problems so I'm always looking for alternatives.

~~~
jalada
HootSuite is great, but it's also quite a hefty tool if all you need to do is
let people tweet on behalf of n accounts. Also HootSuite works really well if
you have a small team of people managing your social media but breaks down (or
becomes expensive) if you need to give access to lots of people (this is where
you end up with systems involving sharing lists of passwords!).

The idea behind Echelon (and its pricing model) is to promote sensible account
security around the simplest of actions - tweeting. The bigger your team the
more you pay but otherwise you can divide up your accounts however you want
(different amounts of access for different people, etc).

------
StavrosK
I don't have any use for this personally, but it sounds like a very good idea,
congrats!

~~~
jalada
Thanks :)

~~~
lancewiggs
Echelon is the name of a multi-country spy listening network that we here in
NZ are part of. It includes the US.

"Safe" is the last thing I feel my data would be.

~~~
jalada
Yes I noticed this name collision too. At least we didn't call it ECHELON :)

~~~
aspivelox
Or PRISM.

------
jalada
Appreciate any feedback. We're only just getting started, there's a long way
to go :)

~~~
tommi
The service seems counter intuitive. You advertise "The safe way to manage
your company’s Twitter accounts." yet using the service would mean giving
access to a third party. We all know that security is hard and you're creating
online password manager - if it will be popular, it will gain unwanted
attention.

Sure, you are using an access token and not a password for the accounts, but
that's not explicitly said anywhere. I suggest you improve the trustworthiness
of Echelon on the landing page.

~~~
jalada
The landing page mentions that you don't have to share passwords, which is
what makes it inherently securer than...well...sharing passwords. Agreed that
perhaps it could be clearer that by using access tokens, access can be revoked
at any time via Twitter directly which removes the risk (compared to people
stealing passwords).

~~~
tommi
See, I'm bit confused here. I understood it so, that as a user of Echelon, as
I wouldn't have to give the Twitter account password to colleagues. But what
about to Echelon itself? How can I be sure that the Echelon won't be
compromised and all hell wouldn't break loose? Does the account have one
Echelon app authorized which then works as a middleman to the users?

~~~
rsoto
Since only the tokens are stored on Echelon's server, any compromise might do
some damage (tweets, bio change, etc), but you will not lose the account's
password.

So that's a pretty good tradeoff if you ask me.

------
btipling
Very nice, I like the flat design, but I don't think you're charging enough.

~~~
highace
Agreed. Any company with enough employees to justify using this service can
afford more than $10 a month.

------
thezach
I'll stick with HootSuite because of the functionality. It allows me to manage
my Google+ pages, Facebook pages, and Twitter all in one place.

If you had the ability to do that, I may be interested.

------
feefie
Nice try NSA:
[http://news.bbc.co.uk/2/hi/503224.stm](http://news.bbc.co.uk/2/hi/503224.stm)

------
gidan
How do you get rid of twitter's api limits, what if you have more than
thousands accounts?

~~~
jalada
We don't...it's not particularly heavy on Twitter API usage. What are you
thinking of?

~~~
theman11
I'm assuming he thinks of the token limit which is only for "traditional
twitter clients"
[https://dev.twitter.com/docs/faq#10650](https://dev.twitter.com/docs/faq#10650)

------
randall
RIP CoTweet! :(

[http://mashable.com/2010/03/02/cotweet-
acquired/](http://mashable.com/2010/03/02/cotweet-acquired/)

