But won't OAuth put an end to this requirement anyway? --Swap
On Jan 8, 6:04 am, Brian Hendrickson <br...@openmicroblogger.com> wrote: > On Jan 7, 1:00 pm, "Chad Etzel" <jazzyc...@gmail.com> wrote: > > > By logging intohttp://tweetpass.com/api/doyou automatically store > > the password somewhere? If so, how is it stored? encrypted? > > Yes, each user's twitter password is encrypted and stored in the SQL > database. It's not on dreamhost, though :-) the server is physically > controlled, in a high-end co-location facility in Portland. > > When an API call comes in with a disposable password, the twitter > password is fetched from the database and used to make the call to the > twitter.com API > > Also, the first time a disposable password is used, it is labeled with > the incoming hostname and will only be good for that host. API events > for that password are visible in the control panel. > > -- Brian
