
Monday, May 12, 2014

OAuth...what is it

What is OAuth?

  • It is an access authentication token utilised to allow "Secure Delegated Access" to a server (as per Wikipedia) on behalf of the owner.
  • It is an open standard for authorisation.
  • It has been designed basically to work with the Hypertext Transfer Protocol (HTTP).
  • Here, an authorisation server issues an access token to a third party with the approval of the authorised user.
  • It is commonly used by Facebook, Twitter and other popular social networking sites to allow users to log in without any worry about their credentials being compromised.
  • This has been in the news because OAuth has been the hacking community's favourite punching bag. The latest to be compromised is the Bitly service.

Bitly Compromised


  • Bitly, a URL-shortening site that helped many bloggers shorten URLs, hide their paths and post them through microblogging sites and other social networking sites, has been hacked.
  • Their CEO, Mark Josephson, has blogged about it.
  • He wrote:

"We have reason to believe that Bitly account credentials have been compromised; specifically, users' email addresses, encrypted passwords, API keys and OAuth tokens," 
  • The registered users of Bitly have been advised to:
    • Log in to your Bitly account from Twitter or Facebook.
    • Reset legacy API keys.
    • Copy and replace this key in all your profiles.
    • Then reset all your passwords.
  • Bitly has invalidated all Twitter and Facebook credentials, meaning that a user will not be able to use Bitly from these social networking sites until they reset the options given above.
  • So beware... be aware and keep yourself safe.
  • Happy Hunting
  • Source: http://www.pcmag.com/article2/0,2817,2457837,00.asp?mailingID=F1BEF928D79843FDAF41D5B2084CF083
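
The delegated-access flow from "What is OAuth?" and the bulk invalidation Bitly performed can be sketched in a few lines. This is an added example, not code from the original post or from Bitly; the class, the method names and the sample users are hypothetical, and keeping only a hash of each token is a design assumption of the example.

```python
import hashlib
import secrets


class AuthorizationServer:
    """Toy in-memory authorisation server (hypothetical, for illustration)."""

    def __init__(self):
        # Maps SHA-256(token) -> (user, client, scope). The raw token is never
        # stored, so a copy of this table does not yield usable tokens.
        self._grants = {}

    @staticmethod
    def _digest(token):
        return hashlib.sha256(token.encode()).hexdigest()

    def issue_token(self, user, client, scope, user_approved):
        """Issue a token to a third-party client only with the user's approval."""
        if not user_approved:
            raise PermissionError("resource owner did not approve access")
        token = secrets.token_urlsafe(32)
        self._grants[self._digest(token)] = (user, client, scope)
        return token

    def check(self, token, needed_scope):
        """Resource-server side check: return the user if the token is valid."""
        grant = self._grants.get(self._digest(token))
        if grant is None or grant[2] != needed_scope:
            return None
        return grant[0]

    def revoke_client(self, client):
        """Invalidate every token issued to one client; return how many."""
        doomed = [d for d, g in self._grants.items() if g[1] == client]
        for d in doomed:
            del self._grants[d]
        return len(doomed)


def demo():
    server = AuthorizationServer()
    # Constructed sample data: two users connect the same third-party app.
    t1 = server.issue_token("alice", "shortener-app", "post", user_approved=True)
    t2 = server.issue_token("bob", "shortener-app", "post", user_approved=True)
    before = (server.check(t1, "post"), server.check(t2, "post"))
    revoked = server.revoke_client("shortener-app")
    after = (server.check(t1, "post"), server.check(t2, "post"))
    return before, revoked, after


if __name__ == "__main__":
    print(demo())
```

After `revoke_client` runs, both tokens stop working and each user has to approve the application again, which is why users had to reconnect their Twitter and Facebook accounts.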
