On Wed, Jul 22, 2009 at 4:41 PM, Gerard Meijssen<[email protected]> wrote: > Hoi, > Would OpenID make a difference ? It seems to me that when you authenticate > to both WMF projects and to this watchlistr, you would not expose passwords > in the wrong place. It seems to be also a solution of allowing Commons to > authenticate in this way.
No, not really. In this case the site wants your credentials so that it can scrape your watchlists. If it has your credentials it can impersonate you, which is bad. It addressed by making it possible for the site to generate access cookies for particular resources which you could share. I.e. "generate a code that gives someone read only access to my watchlist". _______________________________________________ Wikitech-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/wikitech-l
