Posts Tagged ‘Stealing Passwords’

Twitterank – What it is and what it isn’t

November 12th, 2008

In the Twitter-Sphere, there has been controversy surrounding “Twitterank!” and its requirement of you entering your credentials.

This initially prompted this response and update from the Author of the tool:


I’m not out to steal ur twitterz. Frankly, I wish I didn’t have to ask for your account info, but Twitter doesn’t offer APIs using any other authentication mechanism (according to the docs). So blame them. Read more about what I’ll do with your account info/data in the FAQ.

I will not store your password. I will only use it once to calculate your Twitterank.

However, that still did not stop these other blog posts:

Gullible Twitter users hand over their usernames and passwords – did you get your Twitterank yet?!

Is Twitterank Ranking Your Popularity Or Stealing Your Password?

And other ones.

I initially rebroadcasted (From a trusted source) the links to this very Data, however at the urging of a concerned Party – I took it up a notch and contacted Ryo of Twitterank directly.

He advised that they do not store passwords, nor is it being used as a phishing operation.

Though he does agree that people ought to be more careful about sharing their passwords.

Which brings us to the lesson for the day.  Twitter is a great phenomenon.  And it’s a good thig we have trusting well intentioned souls such as Ryo out there.  But remember.  Not everyone will be nice, and the next cool site (Which may not be trustworthy) could indeed be capturing your data, reselling your DM’s and any other number of things.

So do be careful out there.  At the moment I do retract initial concerns of Ryo himself causing any harm, but do be concerned with any Web Based App that you do not trust, as a mechanism for releasing your Twitter credentials, or any other credentials for that matter.

Thank you for your time, and if these details change, I’ll certainly be the first one to say “Doh! I’m an idiot!” :)

Disclaimer: I am not affiliated with Twitterank in any fashion, nor have I ever used its Services! However, I have changed my password just in case recently, so sorry @Guykawasaki I think I broke the auto-alltopper which would feed off of my account!


@axelator reminded me of this lesson – Wondering, Why is it we would do this? share our twitter credentials, trusting implicitly a site to do with one of our tools?

This is reminiscent of the early days of the Internet (late 80’s, early 90’s) which were Trust was implied.   A lot of you may not have thought that these credentials are indeed the keys to a kingdom, whether you meant them to or not.   Luckily, this was not intended with harm in mind.  But this is a wake up, this isn’t the first time, and certainly won’t be the last.

Be Careful out there.

Special Props to T_rank for this new blog to address the questions as well.

Also, think about your passwords – Sarah Evans makes it succinct here:

Do you share your password(s) freely?

Tags: , , , , , ,
Posted in Baltimization, Christopher Kusek, Informational, Technology, Twitter | Comments (2)

  • Archives