top | item 7372491 (no title) mmcnickle | 12 years ago The user will enter their password on the provider's site via the phone browser. It relies on the user's trust of the system browser. discuss order hn newest dawkins|12 years ago I meant for a native app and you being the provider. If you don't trust the client app even oAuth won't help you preventing the client app to know the user password. misterjangles|12 years ago It is true you have to trust that the native app is not tricking you into thinking that you're entering your password on Facebook.But, at least if it's implemented correctly and not maliciously, the app doesn't ever see your password.
dawkins|12 years ago I meant for a native app and you being the provider. If you don't trust the client app even oAuth won't help you preventing the client app to know the user password. misterjangles|12 years ago It is true you have to trust that the native app is not tricking you into thinking that you're entering your password on Facebook.But, at least if it's implemented correctly and not maliciously, the app doesn't ever see your password.
misterjangles|12 years ago It is true you have to trust that the native app is not tricking you into thinking that you're entering your password on Facebook.But, at least if it's implemented correctly and not maliciously, the app doesn't ever see your password.
dawkins|12 years ago
misterjangles|12 years ago
But, at least if it's implemented correctly and not maliciously, the app doesn't ever see your password.