Passwords… Again

Password Security

Why your password can’t have symbols—or be longer than 16 characters offsite
by Casey Johnston @ Arstechnica

Password implementation and it’s effect on the user experience is something I’ve been following for a few years. Jakob Nielsen wrote a few articles on the subject that got me thinking, Stop Password Masking (2009) offsite and  Security and Human Factors (2000) offsite. I followed up with an article about passwords and usability here. Anyway, the crux of the argument is that uber strong passwords don’t really improve security. In fact they may actually make the entire process less secure because humans aren’t good at remembering a dozen complex passwords. They’ll write them down which defeats the whole purpose. Add to that the fact that Brute Force attacks make up a small number of successful break ins compared with Phishing, insider attacks or other social engineering offsite strategies.

The article above talks about why every website has different password requirements (another usability hit I might add) and also touches on the pros and cons of strong passwords. Basically, I still think I’m right.

Digital Security is Not Really About Password Strength

I’ve been ranting for quite a while now about the onerous password requirements of many online services. Since there’s no accepted standard for what constitutes a “strong” password, the requirements are all over the place. I must have at least a dozen variations of a single base password. It’s really impossible to keep track without violating a key security tenant, e.g., writing them down.

This short piece really drives home the point that password guessing or brute force attacks aren’t really the danger. It’s the handfull of IT professionals and insiders that essentially hold the “keys to the castle.” If they leave under adverse circumstances or are motivated by greed, companies have a major security issue on their hands. Really, any reasonable password that doesn’t fall into the “password” or “123456″ category will secure your personal information. For companies, comprehensive security policies and procedures keep private data…well…private.

Loose network security policies invite insider hacking offsite
by Byron Acohido, USA TODAY

Complexity in UX Design

Complexity

I recently read an article in UX MAgazine, The Complexity of Simplicity offsite by Jay Selway. It’s nice to see colleagues willing to stand up and say “more is less.” Not surprisingly, clients don’t always see it that way.

An interesting aspect to the complexity discussion is the idea that for a product (or site) to evolve it must add features/functionality. I read an interesting article once laying this out for software development. If we use Microsoft Word as an example lets say that 80% of users use 20% of the available functionality. That means that 80% of the functions available in Word aren’t used. Ever. But to create a perception of value additional new features are added with every version. Read More…

Shopping on Mobile Devices

Billions in Revenue from Smartphone & Tablet Shopping from Business Insider Intelligence
Here’s How People Are Shopping With Their Phones And What Business Can Do To Grab Them offsite
by Nicholas Carlson

More and more people are buying things online using their smart phone or tablet. This begs the question, how can we make the shopping experience better, thus increasing revenue? The current debate pits mobile apps agains mobile optimized websites and by extension responsive sites. App development is comparatively expensive compared to mobile optimized sites. Add to that the multitude of platforms and costs add up. Read More…

Wire Framing – Is there a better way?

Wire Frame From Tokyo Designs

Article: Ditch Traditional Wireframes offsite
by Sergio Nouvel

This is an interesting article about the various ways we create UX documentation. This has been debated over the past couple years and is a very interesting and potentially time-saving approach. I agree in principle that HTML/CSS wires could be beneficial but I see a few problems,

  1. Many CMS and eCommerce platforms aren’t very flexible when it comes to passing along finished code. That renders HTML/CSS work useless
  2. Front End coding is a skill unto itself. While I like working with HTML/CSS I would hardly call myself a front end developer. I see a LOT of issues passing code on to skilled front end developers,
  3. If you need to “prototype” interactions that require multiple variables (or states), the HTML/CSS approach isn’t ideal. I know we’re talking about wire frames, but tools like Axure can be both the wire frame AND interactive model. The code is useless but communicating functionality is much easier.

I definitely see the benefits of the “code it ” approach. But, I think a very well defined and rigorous design and development process would have to be in place to support that system.

Omnigraffle Tricks

Omnigraffle I’m a relatively new Omnigraffle user, a little over a year now. Like any new application learning it was initially frustrating, but I’ve found it to be a solid if not top-tier wire framing tool. It’s more elegant then Visio (by far) and much cheaper. It has the layering power of a design program but it’s not overly complex. It produces very polished-looking hard copies (if that’s what you’re looking for) for client meetings and presentations. And the user community and stencil options are very robust.

Like any robust software, you don’t know what you don’t know. This post is a few years old, but it’s a great primer on Omnigraffle. Two tips, in fact, I had just learned recently myself (“master objects” and “move to layer”). It’s Mac only (unfortunately), but that’s about the only negative. How many clients have copies of Visio laying around anyway?

10 Omnigraffle tips you might not know (plus one bonus!) 

Nordstrom Innovation Lab – UX Design On-The-Fly

Nordstrom Innovation LabThis is a very interesting video on Nordstrom’s Innovation Labs (Who knew right?) that showcases an iPad App designed and built in real-time at a Nordstrom store. I find the concept very intriguing. Though I wouldn’t call the results spectacular, the real-world usability testing and iteration process appears to be very effective. Watch the video after the break. (6:43) Read More…

The Reinvention of Myspace

This is going to be a fascinating case study of how to (or how not to) reinvent a brand, implement a new business model AND create a completely new user experience. Though there’s a lot of baggage with the “old” Myspace, I think there’s still a lot of value in the brand. And with the added visibility of Justin Timberlake there might be some hope. It’s definitely worth keeping an eye on.

Remaking MySpace: How Tim and Chris Vanderhook are turning around the web’s biggest joke from VentureBeat

Next Page » Scroll to top