[ivankirigin]

My comment is directed to this community.

I agree 100% that asking for passwords is a very bad practice, and users shouldn't be trained to do it. They should fix it immediately.

I suppose people could stick to twitter.com and sms - but to me, the defacto twitter world has clients. They are important. I want people to use them. Give your password to sites you trust, Mom.

[dbrown26]

The next blog post will be about how you can do almost everything without "being evil". There are other ways to get the information or behaviors you seek without requiring external logins. Twitter clients are entirely different animals as the credentials are stored individually in many different places (phones and pc's). Hackers look for large, easy targets, like a web site's database or server logs that contain lots of info, they don't do individual hacks by and large because the ROI is just not high enough. Not saying that its not a risk, just that the risk is MUCH smaller.