Tag Archives: security

Links from the past month




Links from the past few months

I haven’t blogged for a log while now, and have quite a few interesting things I’ve read and found that I’d like to note and share.




Dump of a few interesting Coding Horror posts

I could spend hours delving through the archives of Jeff Atwood’s Coding Horror blog, but there are only so many hours in the day. Here are a few bookmarked posts I wanted to post links to for posterity.


Programmer comfort


Why sign in?

There are some great articles over at User Interface Engineering about design mistakes in the area of user account sign-in:

I’ve always been frustrated at having to register to be able to buy things online, so I’m glad to find that I’m not alone in my frustration. The article is quite old, and I’ve seen “check out without registering” options pop up on some sites in the past few years so things are improving.

I think that such an option is a must-have for non-major online retailers, as it’s all-too-easy for a potential customer to just go elsewhere to a site that offers the option or a major site that they already have an account with.

Thankfully (by now, at least), most of the mistakes listed are less common but there are a few that are still common and particularly annoying:

  • Mistake #9: Not Telling Users the Requirements for Username and Password Up Front
  • Mistake #10: Requiring Stricter Password Requirements Than The NSA
  • Mistake #12: Not Returning Users to Their Desired Objective

There’s also the inverse of #10 which is still pretty common – sites limiting passwords to a short length and alphanumeric only.

Usability vs. security

  • Mistake #13: Not Explaining If It’s The Username or Password They Got Wrong

This rang some alarm bells for me (as it’s a security measure), and it turns out that it did for a few others as well. The author has acknowledged this with some further thoughts on balancing usability and security while considering what level of the latter is appropriate for the context.