Have you guys considered maybe tweaking the basic auth system to something like what friendfeed has.
Each user could be given a third party system generated key to use instead of a password and then basic auth could still be used and not tired to the system password. If the user felt their account had been compromised by an app they could just generate a new code and also this would protect the users account from hijacking. I know you don't want to have 2 different systems for auth but this could be used for legacy apps and for use cases like funkatron mentioned earlier in the thread. Cheers On Feb 5, 4:59 am, Cameron Kaiser <spec...@floodgap.com> wrote: > > Thanks for the feedback, guys. We'll consider extending Basic Auth's > > life, or maybe granting a "stay of execution" to known-good apps. At the > > very least, we'll try not to pull the rug out from under anyone. > > I appreciate the consideration. :) > > -- > ------------------------------------ personal:http://www.cameronkaiser.com/-- > Cameron Kaiser * Floodgap Systems *www.floodgap.com* ckai...@floodgap.com > -- Another visitor. Stay awhile. Stay forever! -- Professor Elvin Atombender > --