Formally called “Sign In with Twitter,” Twitter’s new product lets websites and publishers allow their users to login with their Twitter username and password directly on the site. In other words, Sign In with Twitter looks like a simpler version of but yet direct competitor to Facebook Connect.
Like Facebook Connect, Sign In with Twitter lets third party sites and applications which use Twitter and Twitter data authenticate users without leaving the page. For example, any website which wants to publish stories to Twitter could now do so in a more seamless way using this new feature.
Unlike Facebook Connect, however, Sign In with Twitter doesn’t let webmasters pull as much social context into the third party site – in some ways because that social context is quite different on Twitter in the first place. First, the social graph on Facebook (which employs a bidirectional “friend” model) is different than the social graph on Twitter (which employs a unidirectional “subscription” structure). Though connections do somewhat overlap, the nature of the relationships on each is often different.
Second, Facebook Connect obeys Facebook’s fairly robust privacy rules that allow users to determine where and with whom their information gets shared. Twitter is much simpler because it just doesn’t have as much user data or privacy rules – almost all data on Twitter is public.
Currently, many Twitter applications allow users to login using their Twitter names and passwords through the Twitter API. However, passing (often plain text) passwords through third party app developers is a relatively risky approach, so the new Sign In with Twitter should increase trust in the Twitter app ecosystem. In addition, Sign In with Twitter is built on OAuth, which is encouraging to open standards advocates.
Is Sign In with Twitter another competitor to OpenID?
As Yahoo’s Eran Hammer-Lahav writes in his personal blog, “OpenID is often described as a single-sign-on solution, or ‘the last username and password you will ever need’. OpenID is a federated authentication protocol – a protocol where users can use credentials from any compatible provider who can ‘speak’ the OpenID protocol. But in this case, not any account will do. Twitter applications need Twitter accounts.”
Clearly, Twitter wants to establish itself as a major sharing platform connecting the social web. Sign In with Twitter is a symbolic if not major step toward where it’s going.