Today, I very nearly let a domain lapse that I fully intended to continue to have registered in my name. In all fairness: I own a huge portion of the blame for that near miss. But that’s the trick with UX: you’re trying to let someone do what they already know they want to do. I wanted to give Namecheap1 money for a domain. I almost didn’t get to. I’m going to tell you why.
Continue reading Please Save Me From Myself
Few things are more annoying than passwords. In theory, they’re fantastic. You keep a secret locked away in your super-computer-brain, and nobody else knows what it is, then you use that secret to prove that you’re who you say you are. Brilliant.
Except that, in reality, passwords are beset by several tough problems. First and foremost, you don’t have any control over what the website you plug your password into does with it, so using the same password for everything is foolish. That means that instead of having to remember one password, you have to remember a bunch of them and what services and websites they match up with. Don’t write them down, either, or someone with physical access to your space could steal them!
Those are all problems with passwords before individual sites get into the mix with their own restrictions. Some of these make sense; it’s almost pointless to have a two-character password, after all. Others of them are just silly: why should there be a limit on how long the password can be? Or what characters I can put into it? Then we have the myriad restrictions on how complex the password can be and how often you can repeat them.
The first group of problems are all going to be around for as long as we have passwords, but when it comes to the problem of users having too simple a password, there’s a painfully simple solution: base the expiration date of a password on how strong it is.
Continue reading The Ultimate Password Solution