Rui Carmo
Partly (and very annoyingly) broken. It’s as if they are afraid of people rushing in and overwhelming their servers with standard clients, so they force OAuth2 instead of “normal” authentication protocols to claim standards compliance but decrease the risk.