You don't get a second chance, and this is by design. OAuth requests
have a unique signature; once a particular request is submitted, it
can't be submitted again.
There's no real way to validate the pin before you submit. All you
can do is ensure that they typed in six digits. If the
I thought it might be by design, but couldn't find that mentioned
anywhere. I guess it is necessary to prevent apps guessing the pin,
though it may be annoying for users.
Indeed, this is by design. As Grant said, it is to prevent brute force
attacks.
Thanks,
Doug
On Thu, Jul 9, 2009 at 10:58 AM, Grant Emsley grant.ems...@gmail.comwrote:
I thought it might be by design, but couldn't find that mentioned
anywhere. I guess it is necessary to prevent apps
