octavuslimited (7/23/2013)
OK, I understand the concern about "phishing" but still believe it comes down to an issue of trust with the vendor. The application requires the same information that you would provide to access Azure SQL for example so obviously there is greater trust with Microsoft than an unknown vendor, I get that! Otherwise, it's not an issue specific to this application but to cloud/web services in general?
Not correct. For Azure, they have my credentials to what I host there. Not what I host elsewhere. You allowing anyone to connect to another server means that you are the man in the middle, with credentials to machines outside your service.
There certainly is greater trust with MS since they have more liability and I have more recourse with them. With you, I have no idea who you are, your assets, or your ability to make good any issues.