Social Networking Security - Password Sharing Hazards
(Page 3 of 4 )
Similar situations are encountered all over the Internet, with social networking sites being one of the major groups of offenders. A major example is provided by Facebook, whose Find Friends and Invite Your Friends dialogs ask you to enter your email addresses and passwords for online mail accounts such as Hotmail, Google Mail and Yahoo.
When faced with such a request, whether or not you trust Facebook or whoever else is doing the asking is irrelevant. Such practices encourage casual attitudes towards information that should never be disclosed, standard disclaimers about not storing or sharing passwords notwithstanding.
So casual have attitudes become that many people may not even realize that to supply a password to a third-party site is to share it. The phenomenon of one site asking its users to supply the password to another has become so widespread that it even has its own name. Known as the password antipattern, it precisely fits the definition of an antipattern, which is a design feature that seems beneficial at first but results in more negative consequences than positive.
If there is a positive aspect to the large volume of publicity that events such as Twitterank have generated, it is that Twitter has responded positively by undertaking to implement OAuth , and by further promising that a closed beta of its proposed solution will be available within a month. This follows the lead already established by sites such as Flickr, who set the security standard by moving away from the superficial appeal of the password antipattern in late 2008.
The negative publicity associated with the perception that social networks are playing fast and loose with their users' private data has also resulted in a chorus of proposed responses, ranging from calls to boycott sites such as Facebook to demands for a code of ethics for web developers.
This last idea is not as unlikely as it sounds. Many other professions that involve confidential data - accountancy and banking, for example - already operate under such codes, and such a step would do much to instill confidence in an industry that is often regarded as having a disrespectful attitude to such matters.
More Web Hosting Articles Articles
More By Bruce Coker