After a storm of criticism and shaming over the blurb-tweeting feature, the organizers said that they had used OAuth and hadn't collected passwords.