Some follow up…

November 13, 2008 at 12:31 am 27 comments

Thanks to everyone who posted a comment to the previous entry. Since it seemed like there were common questions, I’ll just answer them all in a single post.

Are you a phishing site? Are you going to steal my account? etc..etc..

No, I am not a phisher. I don’t even store your password. Your password gets used once to calculate your Twitterank, and is never stored on disk or any other permanent storage device. Having said that, people do need to be more careful about giving away their account information. I’m not evil, but the next guy might be.

How can we verify that you aren’t storing our password?

I don’t have a good answer, but I’d be happy to do whatever I can to help convince people that this isn’t a phishing operation. I know that the people who know me will vouch for my character and integrity, but I’m also open to showing a trusted 3rd party the innards of the system. If you have any suggestions, please leave a comment.

Why do you need my password to begin with?

There’s some data I use (but not store) that I need to calculate your Twitterank. There are ways for Twitter to make that data available without requiring you to give out your password to 3rd party sites (Facebook, Yahoo! and others have such systems) but Twitter doesn’t yet offer those options to developers. As soon as Twitter adds more secure authentication mechanisms, I’ll switch to that. (*Give or take up to a few days it’ll take to change the code.)

My score is x… is that good?

There’s no good or bad, per se, but a higher score means you are more active and prominent on Twitter. As you and your friends use Twitter more you should see your scores increase.

What kind of “ranking” is this?

I’m sorry the name is misleading. It’s not really a “ranking” even though the name implies it. The name is an homage to PageRank, an algorithm developed by Google’s founders, and is considered to have been part of the secret to their search engine’s success.

Please delete my account from your system.

Again, I don’t have your password, so I can’t abuse your account. But if you really really want to be removed, leave a comment and I’ll delete you from the system. (But please understand that I’m doing this for fun, and have a day job, so I can’t promise to respond instantly. I’ll do my best though.)

Entry filed under: Uncategorized.

Uh… hello New Features!!!

27 Comments Add your own

  • 1. Emma  |  November 13, 2008 at 12:32 am

    You know what would be really cool? Letting us know what the highest rank is, or the mean rank… then we can know for sure whether or not we rock.


  • 2. Ryan  |  November 13, 2008 at 12:44 am

    I’m sure the people who know you would vouch for you. But who are you? Putting a name to this project would be very helpful to allow people to evaluate its credibility.

    That said, I think all this handwringing is ridiculous. People give their Twitter passwords to TweetDeck, FriendFeed, BrightKite, and a dozen other services, and this is the one that gives them pause?

  • 3. OneLag  |  November 13, 2008 at 12:45 am

    Hello! Thanks for the service. I thought your rank would go from 00 to 100 , like twitter grader. But some ranks, like mine, go higher than 100. Is there a limit up?

  • […] boa explicação pode ser lida no próprio blog do Twitterank. É o que faz passarmos tanto tempo a medir o tamanho dos nossos… […]

  • 5. Birgit Pauli-Haack  |  November 13, 2008 at 1:08 am

    Hi there, what a fury:-)

    Did you take a look at

    Is what you are trying to do something similar?

    Hope, that part of the RT of twitterrank (with wrong spelling) and the “Chicken Little” postings are also part of your experiment.

  • […] The site’s creator posted a follow up message on the Twitterank blog, answering a few questions: Are you a phishing site? Are you going to steal […]

  • 7. jackie  |  November 13, 2008 at 1:38 am

    how misleading…i felt cool when i thought my rank was high since my number was low. but now, i’m just a loser with a low score…and i use twitter all day long. how am i such a twitter loser?

  • 8. pcnerd37  |  November 13, 2008 at 1:45 am

    My Twitter name is pcnerd37, please delete me from you system. I will be closely monitoring the account for any problems in case you don’t turn out to be as sincere as you appear. Thanks.

  • 9. Jarrod  |  November 13, 2008 at 1:59 am

    Ho-ly-crap. Congratulations on getting the internet’s attention today. Whether this is a malicious phishing scam or a huge misunderstanding is still pretty unclear.

    If it IS a big misunderstanding and you aren’t a bad guy, I strongly recommend you take the following steps:

    1.) contact Mashable and personally respond to this:

    2.) contact Twitter headquarters… they could perhaps assuage some of the concerns and calm people down.

    If, on the other hand, you are a malicious phisher… well, best of luck to you sir.

  • 10. BL Ochman  |  November 13, 2008 at 2:33 am

    please delete @whatsnext
    i changed my password and i am not going to give it to anyone again any time soon.

  • 11. Birgit Pauli-Haack  |  November 13, 2008 at 3:00 am

    Also read:

  • 12. Lucretia Pruitt  |  November 13, 2008 at 3:01 am

    Loving the “let’s all go to Twitterank!!” “No wait! Twitterank is the devil!!” “No wait!! Maybe it’s not” “Okay, I don’t care if Twitterank is the devil or not – what the heck does this number mean?” rollercoaster of it all.

    Congratulations on being today’s Twittermeme in all it’s glory!! 🙂

  • 13. Ed  |  November 13, 2008 at 3:06 am

    No, you’re wrong.
    Fun hacking a giant is one thing.
    Hammering good good-fight geeks working their balls off,
    who have already taken a long whippin’, and wasting
    a whole lot of resource is not cool.

    I did not opt in because I don’t care what your formula was going to say.
    The folks following me determine my score.
    Perhaps an eloquent letter to Evan , Biz, or Alex would have yielded a right response, and prodded them with respect for another geek voice with good reasoning.

    Twitter doesn’t owe you a thing.

    Be a big boy and take on a giant.
    That, would be proving your point, and your chops.

  • 14. Robert Jacobs  |  November 13, 2008 at 3:21 am

    I have entered my twitter username and password but got a message back saying

    Twitter API FAIL… WHALE. (code 400)

  • 15. ajootian  |  November 13, 2008 at 4:21 am

    WOW! I’m entirely impressed by all the paranoid maniacs out there! I mean, what’s the worst that could happen… uh… you get my cell phone number? Post messages under my alias that urge everyone to vote for the GOP next election? Come on, ppl. Lighten up. It’s amazing how seriously pompous and paranoid the internetz makes people. This is more innocuous than dating, imho…. would I date a slavering freak? No. Would I give my password to just anyone? Course not. But if you don’t swim with the fishies, you get left in the muck.

  • […] Or not … here’s some clarification from the Twitterank blog: […]

  • 17. @primesuspect  |  November 13, 2008 at 4:37 am


    Ryo, I’m totally on your side man. I find this whole thing hilarious

  • 18. Thoughts on Twitterank | aquariumdrinker  |  November 13, 2008 at 4:48 am

    […] first “twitterank as phishing scam” reports here and here. However, this narrative was quickly addressed by twitterank’s developer and allies and the site appears, at this point, to be legitimate. (Chris Baskind’s FreindFeed […]

  • 19. tweetip  |  November 13, 2008 at 5:49 am

    1st Tweets Chart…

  • […] ZDNet’s Oliver Marks posted an article about user gullibility. Passwords were changed. The programmer responded. A parody was created. Twitter spent the latter part of the day responding to user complaints. All […]

  • 21. dacort  |  November 13, 2008 at 6:43 am


    Would having someone follow the @t_rank account give you the same access to info that logging in to their Twitter account does?

    I would recommend checking that out as it would remove the need to ask for the password (even though it seems most people have no problem with that). If you send a request to Twitter, they can also raise the API rate limit in specific instances. I agree that it’s unfortunate Twitter has no alternative means of authentication and is also the reason I’ve chosen not to release some apps. Just a friendly bit of advice – good luck with the ranking algorithm.


  • […] Según su creador, para realizar los “complejos” cálculos para obtener el Twitterank son necesarios el nombre de usuario y contraseña de Twitter. Algo sospechoso no? Si para usar el API de Twitter sólo es necesario el usuario de la cuenta, porque habría de pedir también la contraseña. […]

  • 23. ryochiji  |  November 13, 2008 at 8:01 am

    @dacort: As far as I can tell, the Twitter APIs I use return data for the user who’s authenticating. So if I use t_rank, I’ll get t_rank’s data, and there’s not way to say “hey, actually I want this other user’s.”

    I did send an email to Twitter tonight, so we’ll see if/how they respond.

  • 24. steven mandzik  |  November 13, 2008 at 3:39 pm

    What are the other authentication systems that twitter should/could use?

    I give out my information way too often for apps (twitpic, tiwtterific, loopt, blip) and stuff 😦

  • 25. @weave  |  November 13, 2008 at 11:20 pm

    Amen, @ajootian: LIGHTEN UP, PEOPLE! As they might have said on Monty Python, it’s just a bit of fun. You try it, you take the risk, you see the result, and you change your password. NO BIG DEAL. All this “delete my account” stuff, particularly after reading he’s not keeping the login data, is just silly.

    No one is “hammering” anyone else, no one is trying to deceive you…and even if they were, you caved, who’s fault is that?

    Nothing to see here. Move along.

  • 26. Ian  |  November 14, 2008 at 12:00 am

    It was a mistake to add questions about phishing spamming to the FAQ because clearly some people, just below the ‘surface’ are incredibly paranoid, including I suspect the developer of Twitterrank.

  • […] TweetDeck, etc. How can we be sure that any one of these is legit? TwitterRank has posted an official response to the phishing question. Basically it says, “I’m a good person, don’t worry […]


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Trackback this post  |  Subscribe to the comments via RSS Feed


November 2008

Most Recent Posts

%d bloggers like this: