Yesterday the Twitter API team granted Twaddle access to the (newish) XAuth interface. What does that mean? Well it means that one of the biggest criticisms of Twaddle is gone. You’ll recall in previous versions to set up a new account you had to hit “Start” which would launch your browser. You’d then login to the Twitter website which would give you a 7 digit number. That number would need to be remembered and entered back into Twaddle. This process, which is relatively painless on a desktop or web application, was incredibly frustrating on a mobile device. XAuth is designed specifically to address this issue. I think the following screen shots of the new account setup process explain better than I could…
“But isn’t this going back to username / password combinations which is insecure?” you may ask. Well, no, not really. The username / password combination is sent over a secure channel only once (at the time you fill out this form). Twitter verifies this and then sends back a token which is used for all subsequent requests. This is in fact identical to the OAuth process used in earlier versions the difference is how that token is acquired.
All you really need to know is that signing up with Twaddle is now pain free! Hooray!
Where can I download the latest version with new XAuth system?
No where as yet. I’m in the final stages of development / testing of 0.3, which is the first version to use XAuth.