Application Passwords has been a life-saver. Using Application Passwords is *much* simpler than using a full oAuth implementation and is more secure than using standard passwords via Basic Auth. OAuth is, in many cases, overkill and not the right solution (i.e. when you’re building a trusted application to interface with your own WordPress website) — not to mention oAuth is very cumbersome to test via the command line. Just make sure any production site you use with Application Passwords is forcing HTTPS — because any kind of basic authentication is going to be unsafe over an unencrypted connection. 🙂
- The topic ‘Convenient and more secure than using User passwords’ is closed to new replies.