Google joins the password anti-pattern bandwagon, and brag about it
Last entry on Google’s social network (Orkut) weblog is about a new contacts finding feature, not-surprisely it also uses the incredibly bad password anti-pattern we all hate so much for email accounts other than it’s own (Hotmail and AOL).
Yes, there is a text note saying that they don’t store your password, but that’s not the point. Even if people trust Google (or Ning, or Facebook, or Twitter or any of the guilty services currently spreading this awfull practice) their passwords from other places, it is an irresponsible thing to do. Web services, simply shouldnt teach people that is ok to give their credentials away to 3rd parties, let alone blog about it as if it was a good thing!
Orkut already suffers a lot with malicious users taking advantage of tech savvy people, and have been doing a great work in educating users that you should trust no one and be careful on where to click or log-in but this is a step backwards.
In Google’s defense, I must say that this move will certainly and undeniably bring then a lot of new activity and pageviews, resulted from the new connections. Making it easy to find your friends on a social network is not a bad thing. I am just saying that as the leading company on so many web areas, and having “do no evil”(they still use that?) as their motto they would help more in pressuring MS and AOL to make it easy for users to export their contacts list in a trusted manner, using OAuth or any other Flickr-style permissions granting solution for example, even csv file upload would have been better.
Shame on you, shame on us. Let’s fix this thing already. Please?
[UPDATE] MS now has a Contacts API too!
[UPDATE 2] Flickr got it right.