Hey Jef,

Like many mobile applications Twitter for Android uses xAuth. In this
mode the user enters their username and password which is then sent to
Twitter for the OAuth credentials. Part of the agreement of granting
access to xAuth is that the application must not store the username
and password.

If in doubt about the security of your password you can always change
it on the twitter.com. Applications which use OAuth are unaffected by
a change in your password.

Best,
Matt

On Tue, Aug 31, 2010 at 12:35 PM, Jef Poskanzer <jef.poskan...@gmail.com> wrote:
> Twitter's official Android app is obviously using OAuth, since it
> still works. So why does it ask for my password? Isn't it supposed to
> send me to a web page where I can click Ok?  What is going on behind
> the scenes here?
>
> Maybe just some leftover Basic Auth code that hasn't been deleted
> yet?  If so, delete it!
>
> --
> Twitter developer documentation and resources: http://dev.twitter.com/doc
> API updates via Twitter: http://twitter.com/twitterapi
> Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
> Change your membership to this group: 
> http://groups.google.com/group/twitter-development-talk?hl=en
>



-- 


Matt Harris
Developer Advocate, Twitter
http://twitter.com/themattharris

-- 
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
http://groups.google.com/group/twitter-development-talk?hl=en

Reply via email to