

Social Networking Anti Patterns - theblackbox
http://microformats.org/wiki/social-network-anti-patterns

======
foulmouthboy
There's no way that identifying it as an "anti pattern" is going to kill the
practice of requesting credentials for other sites. For one thing, it's being
done on the majority of social networking sites out there, including all of
the most reputable ones, and for another thing it's something that a lot of
people find very convenient.

At best, it'll become like opening zips and exe files. Users will have to
become aware of the potential dangers, but the practice of providing the files
will remain.

~~~
tonystubblebine
It's a good anti-pattern, just applied at the wrong end. Sites like Twitter
and LinkedIn could kill this anti-pattern by offering a proper OAuth (or
equivalent) API.

------
theblackbox
Yes but surely there are some legal issues abound here? these social
networking sites are facilitating the data trawling applied by phishers and
identity fraudsters.

I'm currently researching the PCI DSS for my employer, and I'm seeing this as
the next potential milestone in security compliance. It's not just a matter of
the general public becoming aware of the risks, like they have with credit
card info, the users of the data must set in place secure standards to deal
with identity data.

------
theblackbox
<http://news.ycombinator.com/item?id=364901>

another contender for this suspect behaviour, for reference

~~~
josefresco
err same page?

~~~
theblackbox
updated - sorry, I'm an ass

------
KevBurnsJr
Interesting note about placement of email address field adjacent to password
field in light of contact importing becoming a defacto step in signup
processes.

