Talk About Local HomepageTalk About Local

Hyperlocal in the UK

Twitter & OAuth

by

More and more of us are using Twitter to communicate or to promote our hyperlocal sites. Until recently (yesterday!) you had to authorise the different applications you use to automagically tweet out about your latest posts with your username & password.

This as I’m sure you are all aware posed some security risks, we have all had random Direct Messages from your friends in the past asking you to rate who is the hottest out of Will Perrin & Eric Pickles or do you prefer Coke or Pepsi etc. Most of these are at best, a waste of time and at worst phishing for your password.

As of last night, you should not need to enter your username or password to use any application that works with Twitter.  Twitter have made changes to their authentication service that means you can authorise applications without having to enter these. I won’t bore you with the details you can read them here on the Twitter blog : Twitter Applications and OAuth

Now that Twitter has made these changes maybe it is time to have a look at what applications you have authorised on your account and have a bit of a tidy up?

When you are logged in to Twitter go to http://twitter.com/settings/connections and have a look at the authorised applications like in the screen grab below.

Can you remember what each application is for?

Remove any applications you don’t need or can’t remember what they are for (you can always re authorise them later). Then check the ones you do need and look at revoking them and authorising them again to make sure they are using the new authentication system.

Maybe you could change your password(s) as well just to make sure?

Changing your password is not as daft as it sounds, changing your password will highlight any applications that are still using the basic auth method, any that are using OAuth will continue working quite happily.

Follow Mike
Latest posts by Mike Rawlins (see all)