I’m afraid if I add a post to twitter feature on my side project !adactio / @adactio will freak out because I NEED to ask for a password. — Leah Culver

The ideological route is to reject Twitter for not providing a suitable API.

Alternatively, could you leave password authentication out altogether and leave it to the browser to prompt users for the username and password when the API gets called? I think I’ve seen HTTP authentication prompts come from Twitter in the past (Natimon’s Twitter http://tweetersation.com/ does when you try to view a protected stream, I think). At least that way people can choose to use the ‘Remember This Password’ feature of their browser, rather than it being stored unencrypted on your server.

Or, just have a ‘Post to Pownce’ button instead…