Is OAuth broken?

3/1/2010

Terence Eden wrote in his blog post that Twitter has a gaping security hole and that changing the password won’t stop malicious users logging in as you Implementation error I'd say that this is both Twitters fault and OAuth.

If you suspect that someone has compromised your account and you change the password, the OAuth token should be deletedEven though the documentation doesn't suggest it, the engineers that implemented it should make sure that if you change your credentials, the token is re....

Full story: Info Alert: oauth

Similar articles

The Rob blog

Is OAuth broken? Terence Eden wrote in his blog post that Twitter has a gaping security hole and that changing the password won’t stop malicious ...

robertpohl - Twitter Search

Blogged: Is OAuth broken? http://bit.ly/1nMbF9 #twitter #security #hacking Blogged: Is OAuth broken? http://bit.ly/1nMbF9 #twitter #security #hacking

Info Alert: oauth

Blogged: Is OAuth broken? http://bit.ly/1nMbF9 #twitter #security #hacking Blogged: Is OAuth broken? http://bit.ly/1nMbF9 #twitter #security #hacking

SeekingAlpha.com: Home Page

Broken? David Merkel submits: As I looked over the carnage that was the bond market yesterday, I was reminded of my piece 17 mo...

ASP.NET Weblogs

OAuth in action – Linq2Twitter The other day I came across a pretty cool project, Linq2Twitter, that basically implements a linq provider for consuming the Twi...

Info Alert: oauth

OAuth in action – Linq2Twitter The other day I came across a pretty cool project, Linq2Twitter, that basically implements a linq provider for consuming the Twi...

Comments on this article

Add your comment

Latest from Info Alert: oauth

Not a member yet?

Signing up is FREE and will only take 15 seconds!

Facebook Login

Sign In

E-mail address:

Password:

Remember me

Forgot your password?