Search Content

WhitePapers


Oracle Magazine

Oracle Magazine contains technology strategy articles, sample code, tips, Oracle and partner news, how to articles for developers and DBAs, and more. Oracle (NASDAQ: ORCL) is the world's largest...Read More


How to Buy a Phone System

Considering a new phone system for your business? The Phone System Buyer's Guide from VoIP-News provides you with all of the information you need to make a more informed decision. The Guide helps you...Read More


Sales Force Automation Comparison Guide

Businesses of all sizes can benefit by automating all aspects of their sales processes with an SFA (Sales Force Automation) solution. But due to the sheer number of features that most SFA solutions...Read More


Which CMS Is Right For Me?

If you're wondering which CMS is the right one for your organization, this comprehensive guide will take you through the various options available, detailing the pros and cons of each. Download...Read More




View All Whitepapers

Twitter to Implement OAuth as Future Authentication Method

Recent events have pulled Twitterís authentication methods even further into the limelight. People are becoming increasingly concerned about the safety of their profile and everything associated with it. Whatís Twitter going to do about it, and when?

Twitter is working on a beta release of OAuth

Engineer/API Lead Alex Payne commented on the Twitter Development Talk group that the User Experience team is putting the finishing touches on a beta release of an OAuth implementation. This comment was made in November and mentioned a release toward the end of December. Since then, Payne has also said they (Twitter) will be experimenting with it after the first of the year.

The next full release of the API will be by OAuth authentication only

That only makes logical sense, right? After all, you have to eliminate all the weakest links to make a stronger chain. Also, using OAuth will decouple API rights from the general access rights used on the web. In turn, youíll see more granularity of access control using OAuth, which is something BasicAuth sucks at.

Unintended Consequences of Better Security

For starters, OAuth is much more difficult for third-party developers to implement than BasicAuth is. Itís a new set of tools and technologies that most people arenít really that familiar with. OAuth also entails bouncing around to the browser while authenticating, much like OpenID does. Once you allow your app once, you should be able to have it remember that and be fine on subsequent authentication attempts. However, itís going to confuse a ton of people the first time. OAuth is not a security silver bullet, but is a step in the right direction. ( Payneís words on OAuth )

Our Plea

Twitter: please donít give up on this. We canít stand to see it go the way of Track or IM. We desperately need to feel safe when using our credentials as recent events have given you a bit of a black eye. OAuth, OpenID, we donít care - just make us feel warm and fuzzy inside.


Related Salesforce Mobile Articles

In India, with Force(.com) !


The Tour de Force events across the globe continue to draw great attendance and interest from developers looking to build new SaaS applications. The event is yet to make its way to India but I have been traveling across India (Pune & Bangalore)...

Read more about In India, with Force(.com) !...

The New Rules of VIRAL Marketing


We are big fans of Mr. Scott and his eBook, The New Rules of Viral Marketing, which gives tips on how to spread your ideas for free using word-of-mouse. Or in other words, ďone person sends it to another, then that person sends it to yet another,...

Read more about The New Rules of VIRAL Marketing ...