Thanks, FriendFeed and Twitter users.
After my previous post, I started a thread in FriendFeed that not only linked to my previous blog post, but included an additional graphic that focused on the dialog box itself (I began to suspect that the message at the bottom left wasn't related to the issue).
In addition to the wise messages urging me NOT to pass my credentials to this suspicious dialog box (I didn't), I also got a couple of comments from FriendFeed user Chacha:
They are having problem with it. A lot of sites are getting this problem.
It has to do with an error in the badge
And Chacha was right. Other people were reporting the problem.
“@twitter - All of a sudden, my website's Twitter badge is asking vistors for a name and password (Twitter API). What's going on?”
“@johnbattelle twitter has screwed up something and is password protecting user timeline calls from the twitter badge on your site (and o ...”
“@dacort ah - problem solved, ty "Twitter made a change to the api that the badge is calling". will reinstall in the morning :)”
“a few people saying that my site is newly asking for twitter credentials. no idea why. have blown out twitter badge for now.”
“@josiefraser Twitter made a change to the api that the badge is calling. Not sure if they're aware yet...”
At one point the widget included the URL
I simply changed that URL to
and that quick & dirty fix seemed to take care of the errant login requests.
[UPDATE 9 JANUARY]
Hold on that thought. Two users on getsatisfaction.com said that was a really bad idea.