People sharing Twitter passwords with rogue friend apps has been a problem for a few years – I have written quite a few posts warning people of the dangers of sharing passwords with insecure apps, and have also been critical of giant social networks continuing the practice of scraping data from other services using standard password authentication.
I have been ranting and raving about insecure viral Tell-A-Friend scripts for over a year, and it seemed like I was just talking to a brick wall.
Now in the space of just a week I have been able to highlight a solution based upon one of my own blog posts that uses a slightly ghetto, but K.I.S.S method to achieve extremely effective viral tell-a-friend functionality, and now I want to mention another more sophisticated solution.
The other day I was slacking off on Twitter and clicked a link through to a JV promotion that I had seen in a number of emails, but hadn’t really taken much interest in. I hadn’t heard of the guy doing the promotion, and to be quite honest the topic didn’t seem to be the best match for this blog, though it does fit with the overall “Make Money Online” and “Work From Home” niches very well.
If Twitter were really serious about the dangers of sharing access to Gmail accounts, and thus their personal documents on Google Apps, they wouldn’t continue to encourage people to hand over their email passwords just to tell their friends about Twitter or find existing friends on the service.
Optin Accelerator is a massive security risk for your customers – rather than fix the security problems, the new version just adds fluff without addressing core issues.
Anyone can make a mistake, release a product without considering all the possible ramifications, but to release Opt-in Accelerator again without major changes is irresponsible.
Jeff over at Coding Horror has just been taking a small pop at Yelp for requiring email account access to find friends
Email is the de-facto master password for a huge swath of your online identity. Tread carefully:
Another tell-a-friend like Facebook / Myspace / Linkedin etc script seems to have launched today
This script is different to Optin Accelerator in a number of ways
- The script is hosted 100% on your server
When I first read about Optin Accelerator I had a few initial thoughts
- It took a long time for internet marketers to copy the viral signup mechanisms used by many internet startups, including the more established Facebook, LinkedIn, Myspace etc.