> > > We just updated our Twitter plugin for WordPress to use the new
> > > OAuth API. Someone just asked if it was safe to store the consumer
> > > key and consumer secret in plain text (which it basically has to be
> > > as I understand it, since ultimately it needs to be sent to the
> > > serve
It really ends up just being a case of best-effort security. A desktop
application makes its best effort to keep the secrets concealed, obfuscated,
or stored.
The last thing you want is for those with malicious intent to masquerade as
your application, giving it a bad name, and possibly getting it
On Wed, 2 Jun 2010 13:23:34 -0700 (PDT)
Cameron Kaiser wrote:
> > We just updated our Twitter plugin for WordPress to use the new
> > OAuth API. Someone just asked if it was safe to store the consumer
> > key and consumer secret in plain text (which it basically has to be
> > as I understand it,
> We just updated our Twitter plugin for WordPress to use the new OAuth
> API. Someone just asked if it was safe to store the consumer key and
> consumer secret in plain text (which it basically has to be as I
> understand it, since ultimately it needs to be sent to the server in a
> plain text fo
We just updated our Twitter plugin for WordPress to use the new OAuth
API. Someone just asked if it was safe to store the consumer key and
consumer secret in plain text (which it basically has to be as I
understand it, since ultimately it needs to be sent to the server in a
plain text form). I ca