
Thanks, this.

Also, because the access token for each app is unique, you can grant different account permissions to your apps so you can in principle limit their access to your account.

Also there is more accountability. If an access token gets leaked or misused you at least have a chance of figuring out where it came from.

OAuth is usually a better choice for API authentication than username/password, even for desktop apps.



If you want to limit their access to your account, uninstall the application. No more access.

If you're worried about genuinely nefarious applications, OAuth ought to be the least of your worries, because it's not going to protect you.



