Our Philosophy
Twitter has its own internal reasons for wanting to shut off Basic Auth - it probably has a lot to do with
serving around 4 billion API requests a day. They need a way to track and manage that, and they claim OAuth lets
them do that.
Some of the arguments against Basic Auth include:
1. no user protection
2. hard to ban spammers
3. once a spammer gets hold of a set of users' passwords, they keep that access until those users change their passwords
4. hard for companies to use because of legal ramifications (due to storing passwords)
We believe that the SuperTweet.net approach addresses these issues.
1. Users have complete control over their SuperTweet.net passwords. They can revoke or change them at any time,
without any impact on their actual Twitter Account or Twitter passwords.
2. The requests to Twitter are fully OAuth signed, so Twitter has complete spam control.
3. See (1) above.
4. Not applicable because nobody is storing passwords for other users - only for their own accounts, and only
revocable API passwords, not real Twitter passwords. See When not to use SuperTweet.net API proxy service.