Thursday, February 21, 2013

Changing Your Password Doesn’t Revoke OAuth Access

Brent Simmons:

Yes, I can go into my Twitter settings and revoke access to any one or more apps. And: I’m a developer, and I’ve written OAuth client code — I’ve even written Twitter-specific code.

But here’s what normal people think: I’ll change my password and everything will be okay.

Comments RSS · Twitter

Leave a Comment