On the Twitter password change page you'll find the following notice:
Note: If you have trusted a third-party Twitter service or software with your password and you change it here, you'll need to re-authenticate to make that software work. (Never enter your password in a third-party service or software that looks suspicious.)
Speaking of suspicious, exactly how does following Twitter's guideline "Never enter your password in a third-party service or software that looks suspicious" help you avoid account compromises? Avoiding suspicious software and services is so easy a caveman can do it. Avoiding convincingly similar software is another skill set entirely, and one that millions of users have yet to master.
So here's a suggestion for Twitter. Change the note! I suggest the following:
Note: THINK CAREFULLY before you trust a third-party Twitter service or software with your password. Generally, sharing passwords is a VERY BAD IDEA, especially if you care a whit about your privacy. If you insist on violating this important rule, please Please PLEASE use UNIQUE passwords for these connected applications, and for goodness sake, DON'T USE THE SAME PASSWORD YOU USE FOR ONLINE BANKING! Oh, by the way, if you change your Twitter password, you'll need to re-authenticate to make that software work. Oh, and one more thing: Always be suspicious of ANY form that asks for a password, whether it looks suspicious or exactly like the one you're familiar with using. Double-check the URL you are visiting. When in doubt, type it manually, OK? OK...
Interesting article. I'm always careful where I enter my passwords but sometimes you forget and get caught out.
Posted by: Borellus | Tuesday, 03 November 2009 at 12:29 PM