On Fri, Dec 11, 2009 at 01:27:48AM -0600, Abraham Williams wrote: > On Fri, Dec 11, 2009 at 00:53, Dave Sherohman <d...@fishtwits.com> wrote: > > - If oauth is the only allowed authentication method, a rogue app would > > not be able to gain full access to your account. Perhaps most > > importantly, it would not be capable of changing your password and > > locking you out. > > > > Currently this is not true. > http://code.google.com/p/twitter-api/issues/detail?id=1012
Hrm. Didn't know about that one. In that case, amend my quoted statement to replace both occurrences of "would not" with "should not". :p -- Dave Sherohman