The Password Anti-Pattern is Bad (Or, Where Can I Get Satisfaction?)
November 24, 2008

Today I followed an innocent little Twitter link from Jeremy Keith that led, unbeknown to me, into a virtual bloodbath. What was the battlefield? Get Satisfaction. And the cause that people were raising banners to? The password anti-pattern, and Get Satisfaction’s unwitting support thereof.
What is the password anti-pattern? In short, it’s the behavior of teaching people that it is safe to enter their password information from one website on a different website. In the modern digital world of phishing attacks and identity theft, it’s a very dangerous habit to help people form.
How dangerous? Well, how attached are you to your personal information?
The specific issue that Jeremy is bringing up involves the “Twitter this” widget that Get Satisfaction has on their site. By entering your username and password for Twitter, you can re-tweet the topic or page that you’re located on for your Twitter followers to see.
The behavior may seem innocent enough on the surface to you all. After all, you’re initiating the tweeting that occurs, and Get Satisfaction has a certain reputation of trustworthiness. Also, what harm exists in giving out your Twitter info?
Well, there are a number of issues. First, the folks at GS don’t need your login information in order to provide this function. There are other ways to do it (Jeremy suggests one in his post on the topic). Secondly, some people have a tendency (bad though it may be) to recycle usernames and passwords, so their Twitter login may match their bank’s login, or something of equal importance. Lastly, behaviors can be habit-forming, and even if GS isn’t going to do anything harmful with your info, some other site later down the road might, so it’s very poor form to be teaching someone that it’s safe to do something that could cost them their identity or money.
So it shouldn’t be surprising that there are a lot of developers out there like Jeremy who are against this bad practice. What is surprising in this case is that many of the Get Satisfaction employee responses to this issue pushed back against the suggestion that they change their approach. With arguments ranging from “we’re not full of thousands of developers” to “It’s just Twitter, not your bank,” many of them (granted, not all) seem to have missed the point altogether.
The anti-pattern is bad because it teaches bad behavior. Period. It helps form a habit that will eventually cost end-users their identity if they continue it. For a website devoted to user satisfaction, it is shocking that they wouldn’t grasp this concept and embrace it.
If you make a website, you have a responsibility to your users not to screw them, directly or indirectly, with this sort of design “feature.” Either work around it (as Jeremy Keith suggests to GS in this case), or eliminate the feature altogether if you can’t work without it. Our identities are getting increasingly digital as the seconds pass, and it’s sheer folly to be helping people commit virtual suicide.
After all, the road to Hell is paved with…