Hi Twitter-dev-talk, I would appreciate your feedback on a new service I've been working on, it's called Tweetpass. I was motivated to get it working after I wrote a comment about Twitter API security on Rahsheen's blog this past weekend. http://sheenonline.biz/ -- I decided that instead of complaining I should try to make a difference of some kind.
Tweetpass makes fresh, disposable Twitter passwords, which can be used at (compatible) 3rd-party Twitter services. (there are none, yet) Also, it makes it simple for the end user to delete the passwords individually, and toggle the API methods individually. It works like this: Twitter microbloggers: a) submit their nicknames at http://tweetpass.com b) look in their Replies tab and click a link c) do Basic Authentication against twitter.com d) receive Tweetpass passwords to use at (compatible) 3rd-party Twitter services e) turn API methods on/off per-password f) delete passwords anytime Developers: a) change their code to (conditionally) call the tweetpass.com API (see below) b) put the Tweetpass logo on their site Twitter API methods: twitter.com/statuses/update.json twitter.com/statuses/friends_timeline.json twitter.com/statuses/user_timeline.json twitter.com/statuses/show/ID.json twitter.com/USERNAME twitter.com/USERNAME/statuses/STATUS search.twitter.com/search?q=HASHTAG Tweetpass API methods (so far): tweetpass.com/statuses/update.json tweetpass.com/statuses/friends_timeline.json tweetpass.com/statuses/user_timeline.json tweetpass.com/statuses/show/ID.json tweetpass.com/USERNAME tweetpass.com/USERNAME/statuses/STATUS search.tweetpass.com/search?q=HASHTAG How you can help: If you're a developer who happens to use only these few API methods, you can test your service against the Tweetpass API. The simplest thing to do is search and replace "twitter.com/" with "tweetpass.com/" in your code. Then you can proceed to http://tweetpass.com to get your disposable passwords. Thanks for your feedback and ideas about Tweetpass. -- Brian http://tweetpass.com 503.358.7501
