In 9 weeks, 3 days and some change, Twitter will turn off basic authentication for apps, making OAuth the only way to connect to Twitter applications. The Twitter API team has even launched a countdown to what it calls “OAuthcalypse.”
Currently, there are two ways to connect to apps: basic authentication, where you provide your username and password to a third party, and OAuth, which allows you to connect to apps without giving away your account information. As part of a move to make Twitter more secure and stable, basic authentication will be removed on June 30th. Apps will no longer be allowed to ask for your username and password.
Twitter revealed the news and the countdown clock in an announcement on the Twitter API Google group:
“you’re going to be hearing a lot from me over the next 9 weeks. our plan is to turn off basic authorization on the API by june 30, 2010 — developers will have to switch over to OAuth by that time. between now and then, there will be a *lot* of information coming along with tips on how to use OAuth Echo, xAuth, etc. we really want to make this transition as easy as we can for everybody.”
It’s important to note that there is an exception to the new policy: the streaming API, which helps apps gain near-realtime access to certain sets of Twitter data, will still support basic authentication.
The change in policy and the launch of the OAuthcalypse countdown clock are good moves by the rapidly-growing company: it makes the entire Twitter ecosystem more secure while giving developers plenty of time and notice to switch over their apps to OAuth.
Do you think this is a smart move by Twitter? Be sure to let us know!