Posts Tagged ‘passwords’

Twitterless No Longer Requires Twitter Passwords

October 20, 2008

Ever since Twitterless was first launched, the biggest failing was the requirement to store user’s Twitter account passwords.  The reason these passwords were required was because Twitter puts limits on the number of requests an IP address or Twitter account can make per hour.  Twitterless needs to make many more than 100 requests per hour to find dropped followers for people so the only way to get around this limitation was to make the requests using the authenticated account of the user it was currently checking.  In other words, the burden was distributed across many accounts.

The folks over at Twitter put these limits in check for a reason, most importantly to keep too many people who use the API from overloading the system (any more than it already is).  However, to help foster an active development commnity, Twitter will “whitelist” accounts for developers of Twitter-centric web applications they deem worthy.  I didn’t ask for Twitterless whitelisting status until recently because frankly I thought that the Twitter people may not accept an application that tells users when people stop following them.  As Twitterless grew in popularity, the number of grievances about password storing grew in kind, so I finally decided to request whitelist status despite the chance it may get rejected (or worse, blocked entirely).  

My fears were laid to rest last Friday when I discovered another service called Qwitter that also sends out notifications when followers drop people that actually had whitelisting status.  Not too long after that, whitelisting status was granted for Twitterless and the need for passwords was extinguished – yippee!  Existing users can go into their Twitterless accounts and change their password to something other than their Twitter password and rest easy that it has been erased.  

Now there are some drawbacks.  There are a few Twitterless features that still do require authentic Twitter passwords despite whitelist status, namely: address-bar-posting, auto-block, and auto-follow.  Because the number of people who actually take advantage of these features is very small so far, it isn’t a big deal, but for those of you who are using them you can still take advantage by leaving your actual Twitter password in the database.  The second drawback is that users with Twitter accounts that have been set to “private” will need to continue to supply their authentic Twitter password to Twitterless in order for the service to work for them because “private” also means “nobody, not even programs using the API, can access your information.”  If Twitterless can’t access your info it can’t find out who stops following you. 

So that’s the skinny.  Those of you who were worried about your passwords being stored by a service other than Twitter can now rest easy.  You can change that password in your settings and the new password will be what you use to access your Twitterless account from then on. Also, whitelisting will also allow me to implement some new an interesting features that wouldn’t have been possible without it, so stay tuned for those.  Thanks for trusting me with your passwords up to this point and helping test the application.