I'm making a client app that will display a wordpress blog (outside of the browser) and show comments, TOC, etc. I would like to be able to use XML-RPC to get all the information rather than scrape it from the HTML. From what I can tell, the XML-RPC interface requires a wordpress login even to retrieve information (nevermind, create posts).
Is there a public username/password that can be used to retreive information and be locked out of making any changes?
The alternative I was thinking of seems risky and I doubt would be a good idea... but if I created a 2nd username and hardcoded it into my client, I could programmatically only allow retreiving data. However, someone using wireshark could easily see the login and password and could manually login to cause misery. Sooo... scratch that.
I intend to make the user login with their own information if they wanted to post comments, but I would like to avoid forcing them to sign up for wordpress just to read the blog through my app.