OAuth came out of my worry that if the Twitter API became popular, we'd be spreading passwords all around the web. OAuth took longer to finish than it took for the Twitter API to become popular, and as a result many Twitter users' passwords are scattered pretty carelessly around the web. This is a terrible situation, and one we as responsible web developers should work to prevent.
Recent articles
- My Lethal Trifecta talk at the Bay Area AI Security Meetup - 9th August 2025
- The surprise deprecation of GPT-4o for ChatGPT consumers - 8th August 2025
- GPT-5: Key characteristics, pricing and model card - 7th August 2025