The distinction is not a lot approximately the performance, but in how flexible the framework is. OAuth 2.0 is a standard, extensible manner to create authorization mechanisms, while OAuth 1.zero most effective really supported one factor.
OAuth 1.0 addressed a much smaller subset of these troubles, and simplest supported one token kind (secret keys encrypted the use of an HMAC) and simplest one way to get tokens (internet browser redirect).
OAuth 2.0 normally uses bearer tokens (random values which can be handed through TLS/SSL as an HTTP header), however those may be received in many approaches, together with an internet browser redirect and a username/password check. The spec committee is operating on additional approaches of having tokens, which includes through signed JSON web tokens (JWT).
