When’s the last time you gave out your username and password for something crucial to a random web service? That’s what a lot of people have been doing with Twply.com. The site asks you for your username and password, and then promises to send any @replies that you get on Twitter to your email account.
However, it’ll also spam its own URL across your Twitter account – “Just started using //twply.com/ to get my @replies via email. Neat stuff!“. That means they’ve got a big database of Twitter usernames and passwords, ripe for spamming. I wonder what could happen if they got bought by someone without a conscience… Oh, wait.
If you’ve used the site, now would be a great time to go change your password. If you’ve not, then remember basic security advice. If you’re not sure about giving out your username and password to a website, then don’t do it. Have you got any tales of Web 2.0 privacy woe? I want to hear them. Drop me a comment below.
Oh, and for a service which does the same thing without asking for your password, try replies.twittapps.
Twply (via Helloform)