Developers have had plenty of warning. Twitter first announced the move in April, then extended the deadline from June to August and finally implemented a gradual phase-out. Twitter appears to be letting a trickle of connections through with the old method, but expect even that to end soon, as the company’s statements all point to Basic Auth being really, truly gone.
The change to OAuth means increased security for users because “Applications won’t store your username and password, and if you change your password, applications will continue to work.” OAuth is a token based authentication system. Individual applications are granted access through a key passed from the server. Applications that use Basic Authentication store the password in the app and send it to the server when they make a call.
Is giving up client-side-only applications significant? Is it worth the security? Let us know in the comments.