Loading Profile...
Changing Password does not revoke OAuth
Changing one's password does not revoke OAuth tokens.
If I change my password at Twitter.com, malicious users who have signed in with OAuth will still have access to my account. Is this a Twitter issue or an OAuth issue?
Full report at http://shkspr.mobi/blog/?p=994
If I change my password at Twitter.com, malicious users who have signed in with OAuth will still have access to my account. Is this a Twitter issue or an OAuth issue?
Full report at http://shkspr.mobi/blog/?p=994
1
person has this problem
I have this problem, too!
Tell me when someone solves it.
The more people who report this problem, the more it gets noticed.
The more people who report this problem, the more it gets noticed.
-
Inappropriate?Hi Terence. You can revoke the OAuth access of any third-party application by going to your Connections page at http://twitter.com/account/connections and clicking the Revoke link next to the application you want locked out of your account. -
Inappropriate?The revoke links aren't working for me. After clicking them I reload to make sure it stuck and none of them did!
I’m frustrated
