Monday, 5 June 2006

Advice to Web Developers: Forget the Password

This weekend while wandering down the aisles of our local Super Target, we found a dinner table and a side board we thought would go great in our living/dining room. After checking out, a couple of teenage boys wheeled the still flat-packed pieces to our awaiting PT Cruiser.

Now, after flattening the inside of the car, both pieces fit. Though either Jen or myself wouldn’t. We kindly asked the boys if they could hold the pieces until I returned.

Sure.

After dropping Jen and the little man home, I returned to pick up the furniture – now in the Customer Service area.

“I’m here for those pieces.”

“Do you have the receipt?”

“No.”

We chatted for a bit, trying to confirm that the pieces were in fact mine and paid for sans receipt.

I told her we couldn’t take them before, because we couldn’t get them both in the car.

She called over the same teenage boy and off we went.

One of my bigger irritations these days is with the number of passwords I need to remember to try out the latest browser-based Web2dotOhGodNo beta.

Frequently, there’s no real need for a specific web service to require registration of a unique identity, let alone when I’ve already generated a pile of them elsewhere (can’t I use one of those?).

Sometimes, my browser will pre-populate the login/pass – that’s great while at the same time completely defeating the purpose of security. Security and identity are separate concepts; though security may confirm identity, there are other ways.

Point is the two concepts are mixed up so much there’s an inherent security problem.
The more passwords I create, use, manage, and remember on a regular basis, the greater the chance I’ll use something like “1234” and the whole ecosystem becomes insecure.

I’m using Apple’s Keychain Access to store passwords both me and my browser have since forgotten. Passwords for trials that have expired and services that no longer exist. Thing is, I’m far less likely to click ‘forgot password’ than I am to never return (Who knew Friendster was still around?).

Forget the password; it’s a security risk for customers and a barrier to entry for providers.

ELSEWHERE:

“Some teens chew through IM handles like candy; their nicks are things like “o-so-funny” rather than the first name, last name standard that seems to pervade professional worlds. It’s not seen as something to build an extensive identity around, but something to use to talk to friends in the moment.” – Dana Boyd

Tuesday, 5 April 2005

Kayak and PinPoint Changing the Face of Online Travel

A couple years back, I helped Orbitz.com redesign their shopping process. During that time, if you wanted to book travel the major players were Expedia and Travelocity, with Orbitz aiming to be the more usable, better-looking alternative.

Today, those three players are equally mature and equally less than compelling. They don’t capture all airlines and have yet to offer the recreational traveler’s dream: give me the cheapest flight to Brussels, anytime, any day, in the next 1, 3, and 6 months.

Enter Kayak.com. Think of it as Froogle for travel. Just the bare-minimum needed to start a travel search. If you want something a little sexier, check out Pinpoint Travel. Pinpoint uses Kayak’s engine and leverages the new AJAX web application model making a very interesting and helpful interface – like Google Suggests. Also, by asking me questions about my personal preferences, Pinpoint does an excellent job of keeping me engaged while it’s searching.

On the downside, AJAX relies heavily on JavaScript, so Pinpoint isn’t accessible, and for some odd reason neither is Kayak.

Wednesday, 11 February 2004

Legalizing Feng Shui

Last month Assemblyman Leland Yee introduced a bill in the California legislature to put Feng Shui principles on the books.

State officials were speechless: “We know earthquakes knock down buildings, we know fire burns down buildings. We don’t know what feng shui does to buildings.”

As Assemblyman Yee responded, “A lot of the principles of feng shui are common sense. You should have light, air, and you should not have people’s backs to the door.”

Cut away the mysticism, the compasses, the octagons, and the core of feng shui describes common sense ways to prevent yourself from being surprised and startled during the day.

Like all media, buildings facilitate relationships between people. Make a small change in the environment and you’ll transform the relationship of the people within that space. I remember a dramatic example a few years ago. I was working for a small firm – in a small, single-room office. All the desks were along the perimeter of the blank cinderblock walls. It was difficult to talk with anyone about anything – your back was to them and theirs to you. Not the type of climate conducive to a successful start-up.

After about a month of being forced to ignore the others in the room, I pushed the tables together and offset the workspaces. Within a week, we went out to lunch together more and started to gel as a team. Things were going so well, we moved into a new, larger space – with built-in desks forcing us into the corners, backs to each other. We lasted 3 months in that space before disbanding.