Tuesday, April 14, 2020

Frequent Password Reset Requirements

For a while, conventional wisdom was that making users change passwords frequently was an anti-pattern, since it encourages users to choose simple passwords. But with the risk of data being moved offline and brute-forced, has that changed? If the password is used on multiple sites, all it takes is for one careless site to have their encrypted passwords stolen, for offline cracking.

Of course, unique, complex, randomly-generated passwords from password managers such as 1Password are better still.


I went for PT recently and it was pretty helpful. Each week for 4 weeks they gave me additional exercises. They sent me home with printed diagrams like this (random link, not my actual exercises). Exercises seemed to help. What I wish they had also given me were links to each of the recommended exercises. Ideally, all compiled into a personal master URI for me, for my future reference if needed.

Sunday, April 12, 2020

Ethical e-Commerce UI Never Tries to Trick the Consumer

I loathe apps and companies that use UI to trick me. Examples:

When transferring my Venmo balance to my bank, the app always presents the expedited option that carries a 1% fee. This is a terrible deal, and unless you absolutely have to have the money quickly, nobody should use it. But Venmo presents it first, in a way that makes it look like it is the standard. More than once I have almost chosen it by accident.

What would an ethical approach be? Bare minimum, make the no-fee and fee approaches at least equal in the UI, so the user isn't tricked into choosing the one that is almost surely a bad deal. Better yet, create a setting where the user can set the no-fee option as their default, so they don't have the UI friction of making a choice between a good deal and a terrible deal.

LinkedIn is a huge offender. They do this horrible bait-and-switch thing with invitations. After executing on their periodic prompt to connect with people you might know (annoying, but to be expected with any form of social media), almost instantaneously, the UI automatically populates the screen with all the contacts that you just deliberately un-checked! It happened so fast, it was hard to notice. In fact, if you weren't paying close attention, you might think the first SEND INVITATIONS did not work, so you would re-click. They have been doing this for over a decade.

One of the pleasures of doing business with Amazon is that I find it never nudges me in a direction contrary to my best interests. Even when they offer shipping options that would be cheaper to them than honoring my Prime membership, they default correctly, to Prime, and merely give me the option to select the alternative shipping methods.

Full Size Range Hood Should Be Construction Code

The benefits of having a good kitchen exhaust fan are under-rated. Especially desirable when you burn something so much it smokes, or when cooking something extra pungent or messy. But day-in, day-out, they are good to use when doing any amount of stovetop work that involves oil. Get the aerosolized oil droplets out of your house, instead of letting them disperse and muck things up.

The worst situation, of course, is to have an un-ducted fan. That does basically nothing but make noise for the placebo effect. But I think a microwave is a poor substitute for a full-size range hood. Unfortunately, it seems like over-the-stove microwaves have replaced range hoods in most kitchens these days. Ours included. I think replacing the microwave with a good hood would be pricey, and then also we have a space-inefficient kitchen layout, so counter space is somewhat limited, and so no good home for a countertop microwave.

If we ever move again...

My Mint Transaction Review Process

I've been using Mint.com for a few years now. I imagine I am a typical, lightweight user--I don't try to categorize things, I just use it to pull all my transactions into one journal, that I can review weekly (especially important for couples who share accounts).

For a while, I reviewed them directly in Mint, and that works okay, but its interface is not exactly snappy. I eventually hit on the idea of exporting them all to Excel (effortless, built-in, just scroll to the bottom of the transactions window for the "Export All" option). That has worked much better.

In Excel, I have all the responsiveness, power and speed of that very familiar application. Search, filter, it's all there. I review transactions, flag things that my wife needs to review, or that I may need to follow up on (e.g., Reimbursable), make an occasional note. Takes maybe 20 minutes per week, total.

There are little glitches, that mostly don't bother me, but would get in the way if you were trying to do true accounting. The main thing is that some transactions appear to be repeated, but aren't. I think this must have something to do with the timing of the credit card clearing process.