Ideally, yes. On Thu, Jan 8, 2009 at 04:10, Swap <[email protected]> wrote: > > But won't OAuth put an end to this requirement anyway? > > --Swap > > On Jan 8, 6:04 am, Brian Hendrickson <[email protected]> > wrote: >> On Jan 7, 1:00 pm, "Chad Etzel" <[email protected]> wrote: >> >> > By logging intohttp://tweetpass.com/api/doyou automatically store >> > the password somewhere? If so, how is it stored? encrypted? >> >> Yes, each user's twitter password is encrypted and stored in the SQL >> database. It's not on dreamhost, though :-) the server is physically >> controlled, in a high-end co-location facility in Portland. >> >> When an API call comes in with a disposable password, the twitter >> password is fetched from the database and used to make the call to the >> twitter.com API >> >> Also, the first time a disposable password is used, it is labeled with >> the incoming hostname and will only be good for that host. API events >> for that password are visible in the control panel. >> >> -- Brian >
-- Alex Payne - API Lead, Twitter, Inc. http://twitter.com/al3x
