Another advantage is that if a third party application's database is
breached, all of the stored usernames and passwords would be exposed.
If the third party application was using oauth, the access token and
secret pairs are only useable if the consumer key/secret pair are
found and these can be
The advantage is in user and service security ... I'd think that was
obvious. What is your problem with it? What costs do you see? OAuth
is easy.
Thanks-
- Andy Badera
- and...@badera.us
- Google me: http://www.google.com/search?q=andrew+badera
- This email is: [ ] bloggable [x] ask first [ ]
On 5/18/09 10:30 AM, H.Hiro(Maraigue) wrote:
Client softwares must know end-users'(i.e. account holders') login
names and passwords, so I think there aren't more advantage of using
OAuth than basic-auth.
Actually, that's the ENTIRE POINT OF OAuth! No one, other than Twitter
needs to know an
On 5/18/09 2:43 PM, Andrew Badera wrote:
The advantage is in user and service security ... I'd think that was
obvious. What is your problem with it? What costs do you see? OAuth
is easy.
Thanks-
- Andy Badera
- and...@badera.us
- Google me: http://www.google.com/search?q=andrew+badera
- This