by alexeckermann 5716 days ago
I agree that might be the case but actually the Twitter and OpenID authentication is much safer.

1) When you authenticate with Twitter or OpenID it's all done on Twitter or your OpenID provider's site. We can't snoop your credentials at all, you don't enter it on our site.

2) Sure authentication is an easy feature but this way we don't need to ask you for your details again, you let us talk to your service and use your existing information.

3) You can kick us off from your Twitter account from Twitter itself and at any time, see Connections section under settings.

Some people might be conscious about us being able to access your Twitter or OpenID information but it's mostly available to the world on these services anyway. OAuth (which is the underlying technology behind this authentication) is being used more and more. It's much better and safer for end users, it's just that initial hurdle to get mass adoption. It's the end user's decision if they trust the site or not. Most people have trusted us today :)

We can't make any changes to the app whilst it's being judged, not one line of code. I do agree that we should look at implementing a base user signup sans-OAuth provider but we can't do anything until Rails Rumble has been judged and voted. It was a 48-hour coding competition with many other developers around the world, see www.railsrumble.com

1 comments

You forget though that you've studied all this stuff. Casual users of your thing won't have.

So when you say "Give me your Twitter username and password", they'll say no. It doesn't matter that it's actually safe. It certainly doesn't sound safe, and that's all that matters.

Argue against it at your own peril. People are comfortable with user/pass.

I'll argue to the contrary.

Lots of sites use Facebook Connect because it actually drives signups.

Where are you basing your argument that people do not actually want to give their Twitter username and password?

In my experience, a lot of casual users do not actually care. We had an email inviter that was used frequently where people actually have to give out their Gmail/Yahoo/Hotmail credentials.

You may be comfortable with user/pass but do not make the assumption that the rest of the world are. You may think you're mainstream but you're probably not.

You're blowing up a straw man. Quite a few people may actually have an active Twitter session and thus no active password entry even occurs. Open it up to Facebook Connect and it's more of the same.

You're comfortable with new user/pass and it doesn't sound safe to you.

I see what you guys mean. Hopefully when we can add features again we'll be able to implement these things. We had FB connect, but took it out because we didn't have time to test it enough. We also took out username/password auth because we felt it would complicate things - perhaps not?