some Twitter-related links

[cellio]

If you are using your Twitter account to sign in to other sites ("the "sign in with Google/Facebook/Twitter/etc" system), you should stop doing that now. Also, if you are using SMS for two-factor authentication with Twitter, that same article has advice for you. Some parts of their 2FA setup have stopped working, and apparently SMS validation is now unreliable.

There is an outstanding thread -- on Twitter, natch -- about the kinds of things that SREs (site reliability engineers, the people who keep large systems running) worry about. Parts of large systems fail all the time; in a healthy setup you'll barely notice. Twitter is, um, not healthy.

Debirdify is a tool for finding your Twitter friends on the Fediverse (Mastodon), for those who've shared that info. It looks for links in pinned tweets and Twitter profile ("about") blurbs.

I'm at https://indieweb.social/@cellio, for anyone else who's there. I'm relatively new there, like lots of other folks, but so far the vibe takes me back to the earlier days of the Internet -- people are friendly, help each other, presume good intent, and have actual conversations. It is not Twitter; some intentional design choices appear to encourage constructive use and hinder toxicity. I hope to write more about Mastodon later.

Comments

[siderea]

If you are using your Twitter account to sign in to other sites ("the "sign in with Google/Facebook/Twitter/etc" system), you should stop doing that now.

D'oh! I totally forgot about that. I think I have one account somewhere, if that site still exists, that I needed twitter to sign up for. I'll go deal with that. Thanks for reminding me.

[richardf8]

ברוך שלא עשני משתמש הטוויטר

[cellio]

Blink Ok, I guess it makes sense that that's how Twitter would be rendered in Hebrew. Never thought about it before. :-)

[richardf8]

This is what reading YNet in Hebrew gets me. I can spell טוויטר and טראמף. It's truly enriched my life.

[cellio]

I didn't think I'd used Twitter for this, but I wasn't sure. Fortunately, if you've done so, it should leave a trace in the "authorized apps" section of settings, as mentioned in the article. It did show Debirdify, which I'd just used and not yet disabled again.

If Google ever dies I'm going to have a much bigger problem with signins, but if Google dies I'm probably also losing my phone, so not being able to sign in to Medium would pale in comparison. I create unique logins where I can, but some sites only use the "sign in with some other system's ID" thing, and they usually only offer the big three, grr.

[siderea]

Okay, for anybody else who needs to know, I just figured out how to disconnect Twitter from Medium. In Medium, go to Settings > Security and apps. On the bottom is "disconnect from Twitter".

I have no idea if it's possible to create an account on Medium with no email address, entirely dependent on Twitter for authentication – if so I don't know how to remedy that situation. Twitter gives up your email address to Medium when you use it with Medium apparently (or so Twitters' interface just notified me), so maybe that email address can always be used to authenticate. My authentication record tells me I used Twitter to authenticate my Medium account, with no record of an email based authentication path for it, but lo and behold, Medium was happy to let me log in with the associated email address (siderea+twitter@mydomain.tld) Edit: no, wait, my bad: it's using siderea+medium@mydomain.tld, so I must have set that up manually.

[cellio]

Thanks for sharing that. I had never connected Twitter to Medium, so I didn't have info to share there. (I originally set up Medium with an email address only, but they don't -- or at least didn't -- do passwords, so logging in required an email confirmation every time. That got annoying when I was using it more heavily, so I connected Google. I don't use it as much now, so I could presumably go back to the email thing.)

When you log in to Medium with the siderea+medium address, what happens? Do they now do passwords, or do you have to confirm an emailed link, or something else?

[siderea]

They're doing the irritating email thing. (I was over here, going, "Geeze, what a weird way of handling authentication – well, I guess it gets them out of keeping passwords secure.")

[cellio]

Yes, if you're not prepared to handle sensitive data, and you can outsource handling it, it kind of makes sense to do it. Mind, back when I first joined Medium it seemed like a small scrappy thing and that was understandable, but these days they've gone big-business and added paywalls (a big part of why I rarely go there now), so they really should be able to support creating an account with a password.

[luscious_purple]

I *think* I may have set up a Medium account via Twitter login a long time ago (like 2014). That was when Medium was new or new-ish, and I wrote exactly one essay about my high school's art collection. Weirdly, I have 110 followers on Medium, some of whom I have actually met in person. I haven't logged into the site for years, so I have no idea if the account still works.