First, let me state from the start that I am no fan of OAuth, Twitter's implementation of it, or the way that they've behaved with regard to it. Now, with all that being said.
If your website expects me to hand over my Twitter password, I'm not using your web site. Just yesterday, another scam site (TwitViewer) managed to steal thousands of accounts, and convince other people to hand over their information because it was posting tweets from the stolen accounts. OAuth is not perfect, but it provides individual users and Twitter with a way to identify bad actors and lock them out of the ecosystem. OAuth works. There are examples out there. There are developers who are willing to help you. Implementing OAuth tells your customers that the security of their account is important to you, and shutting down Basic Auth trains your users to stop giving away their password. If your product has value, and you clearly communicate what that value is, the users will use OAuth. On Jul 29, 9:10 am, Dewald Pretorius <dpr...@gmail.com> wrote: > It would not surprise me at all if using OAuth resulted in fewer > signups. > > Potential technical advantages of OAuth aside, every additional click > that you add in the conversion process adds an addition leakage point > where some users can and will abandon the signup process.
