It’s important to evaluate a new pair of hiking boots while you’re still in the store.  There are 3 important checks that will go a long way toward ensuring your new boots are right for you.

1. Socks Are More Than Puppets

The first check is to try on the boots while wearing hiking socks similar to what you would wear when hiking.  The Smart Wool shown above are my favorite.  The boots should feel comfortable while standing.  If they are uncomfortable now, don’t assume “breaking them in” will fix this.  If you’re uncomfortable wearing demo socks and don’t want to buy another pair just to try on boots, bring a pair from home!


I was listening in to a YouTube webinar by the Google team today. One of their slides caught my eye and listed key online shopping dates from 2009.

While I’m mostly playing in B2B these days, this clean look at the mess that is online holiday shopping is an excellent guide for coordinating your multi-channel promotions:

If you’re curious about the content of the webinar, there was a lot of fluff about how “people are excited about the holidays.”  I’m glad they reminded me… 😉

But to their credit, the main point was integrating YouTube into your total digital & social presence. Bombay Sapphire was praised for doing this well, and making it look good too:


Every now and again I have an “Ah-ha” moment. It’s the personal, dramatic pause that starts you immediately contemplating life, love and the outlook of the New England Patriots.

This particular event is brought about by technology: I’m currently riding the MBTA commuter rail out of Boston and blogging on my new iPad.  Tweeting from my iPhone was big, and this seems like the next phase in the mobile evolution.

I’ve been reading “Startup” by Jerry Kaplan. It’s the fascinating story of the development of pen computers in the 90s.  These 4lb writing tablets utilized a digital pen and spurred the industry through many steps to the device, 20 years later, that I currently write this post on.  The book warrants its own post when I’m finished, and ironically, a keyboard to write it!

The iPad has a large keyboard, especially when turned on its side like I have it now.  It’s not all that easy because my fingers are used to resting lightly on the “home row.” Rest your fingers on this puppy and you get baby speak, as if a baby were slamming his fist on your laptop!

Wow! This WordPress app just crashed. Thankfully it occurred *after* I just clicked save.  So with that in mind, I’ll count my blessings and end this post from the tech frontier!


Passwords are great! They keep thieves out of bank accounts, exes out of Facebook accounts, and spies out of virtual vaults filled with top secret information.

This is true, assuming your password isn’t actually “password” or some other easily guessed word.  ZDNet did an analysis of a recent RockYou.com server breach and found that the most used password wasn’t actually a word.

It’s “123456.”  Can you believe it?  I mean, come on people, 123456?!

The rest of the most frequently used passwords are equally ‘fascinating’ from a human behavior perspective.  Check out the rest of the list from the ZDNet article.

Thanks to ZDNet for the image!

The different variations of 123456 aren’t too surprising, and for YEARS we’ve known that *everyone* uses “password” for their password.  I suppose I’m not so shocked to see it still on there.  “Princess” is a little funny, as is using your own name (at least you won’t forget it, right?).

But “monkey?” Seriously? 15,294 RockYou.com users all picked that one.

In an effort to protect people from their own laziness, many networks require that you add extra elements into passwords such as symbols and numbers.

Allowing numbers as well as letters increases the number of possibilities for each character in a password.

For instance, if your password was only one character long and it was restricted to the simple alphabet, there would be 26 different possibilities for that password.  If that same one character password included both alphabet and numbers, you now have 36 different possibilities. (Don’t forget that “0” zero counts for numbers!)

Now, typically you’re required to make a password at least 6 characters long. Using the above policy of letters and numbers, a minimum 6 character password with letters and numbers (not case specific) would result in:

1.0314424798490537e+28 possibilities!  (Calculator) What’s that look like without the scientific notation?

10,314,424,798,490,536,936,184,856,096 (Converter)  (Lots of passwords for your ex to try!)

Thanks to SECTools.org for the screenshot!

That’s a pretty secure looking number! You can see why password policies encourage and sometimes force you to have both letters and numbers.

The problem is that there are a multitude of password crackers out there. These simple applications are designed to figure out your secret as quickly as possible!

These little tools have bad-ass hacker names like “Cain & Abel,” “John the Ripper,” and “THC Hydra.”  And the easier your password is, the quicker they get the job done!  Sometimes they’ll even start with the most popular possibilities because they know so many people use them! (That means you, Mr. or Ms. I-Use-123456-As-My-Password!)
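The counting argument above, and the reason a popular password defeats it, worked through as an added example (not part of the original post). The `COMMON` list is constructed from the passwords this article names, its order past the first entry is illustrative, and the "common list first, then shortest-first brute force" ordering is a simplified model of the behaviour described.

```python
import string

ALNUM = string.ascii_lowercase + string.digits  # 36 symbols, not case specific

def keyspace(alphabet_size, min_len, max_len):
    """Number of candidate passwords with length in [min_len, max_len]."""
    return sum(alphabet_size ** n for n in range(min_len, max_len + 1))

def brute_force_rank(password, alphabet=ALNUM):
    """1-based position of `password` in a shortest-first, alphabet-order search.

    Raises ValueError if the password uses a character outside `alphabet`.
    """
    n = len(alphabet)
    shorter = sum(n ** k for k in range(1, len(password)))
    index = 0
    for ch in password:
        index = index * n + alphabet.index(ch)
    return shorter + index + 1

def guesses_needed(password, common_list, alphabet=ALNUM):
    """Guesses for a dictionary-first strategy: the common list, then brute force."""
    if password in common_list:
        return common_list.index(password) + 1
    return len(common_list) + brute_force_rank(password, alphabet)

# Constructed sample list: only the passwords this article names.
COMMON = ["123456", "password", "princess", "monkey"]

if __name__ == "__main__":
    print(f"6 characters, 36 symbols: {keyspace(36, 6, 6):,} candidates")
    for pw in ["123456", "monkey", "k3v9qz"]:
        print(f"{pw!r}: found after {guesses_needed(pw, COMMON):,} guesses")
```

In this model the six-character, 36-symbol keyspace is 2,176,782,336 (36 to the 6th power; the 1.03e+28 figure quoted above equals 36 to the 18th), yet “123456” falls on the very first guess.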

As tools to break passwords get stronger, network administrators realize that passwords have to get stronger.  Rather than leave your bank account password up to the peasants, they’ve instituted martial law on your creativity.

Here’s an extremely heavy password policy from a financial company:

Are you overwhelmed yet? You’ll need to create something between 8 and 12 characters long with at least one upper case letter, a lower case letter, a number, and a symbol.

Furthermore, don’t even think about repeating too many of these characters!

Oh and by the way, as soon as you come up with something clever, that you’ll actually remember, the password will likely expire and you’ll have to invent something totally new!

And it’s this last part, the time before expiration, where they really get you.  Because unless you can figure out a password creation system that is flexible for monthly changes (that you can remember), then you’re doomed to either write it down somewhere or click on that “Forgot Password” link of shame every time you want to log in.
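A validator for the composition rules described above, written as an added example (not the financial company's code, and not from the original post). `MAX_REPEAT`, the `LEET` substitution table and the `COMMON` blocklist are assumptions: the policy gives no repeat threshold, and the blocklist holds only the passwords this article names. The last check shows why composition rules alone are not enough: a password can satisfy every rule and still be a decorated copy of a popular one.

```python
import string
from collections import Counter

# Constructed blocklist: the common passwords named in this article.
COMMON = {"123456", "password", "princess", "monkey"}
# Assumed table of simple character swaps (e.g. "@" for "a", "0" for "o").
LEET = str.maketrans("@4$5301!7", "aasseolit")
MAX_REPEAT = 2  # assumed threshold; the policy above gives no number

def normalize(pw):
    """Lowercase, drop leading/trailing digits and symbols, undo simple swaps."""
    core = pw.lower().strip(string.digits + string.punctuation)
    return core.translate(LEET)

def policy_violations(pw):
    """Return a list of rule violations; an empty list means accepted."""
    problems = []
    if not 8 <= len(pw) <= 12:
        problems.append("length must be 8 to 12 characters")
    classes = {
        "an upper case letter": string.ascii_uppercase,
        "a lower case letter": string.ascii_lowercase,
        "a number": string.digits,
        "a symbol": string.punctuation,
    }
    for name, chars in classes.items():
        if not any(c in chars for c in pw):
            problems.append(f"missing {name}")
    if pw and max(Counter(pw).values()) > MAX_REPEAT:
        problems.append(f"a character appears more than {MAX_REPEAT} times")
    # Composition rules pass "P@ssw0rd1!"; the normalized form does not.
    if pw.lower() in COMMON or normalize(pw) in COMMON:
        problems.append("based on a commonly used password")
    return problems

if __name__ == "__main__":
    for candidate in ["123456", "P@ssw0rd1!", "Aaaa1111!!bb", "gT4!vRx9#mQe"]:
        print(f"{candidate!r}: {policy_violations(candidate) or 'accepted'}")
```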

When I quizzed Twitter about this frustrating trend, a few tweeple chimed in:

  • @RichKolb said “Sites that don’t allow symbols are what frustrate me, the stronger the password the better!”
  • @DigPhil said “TD Bank; hides your username as you type”
  • And also a thanks to @Brett_Ski for the RT.

First of all, Rich, you’re a monster! It’s people like you that will drive our network admins to require a blood sample along with a 24 digit code! haha!  He must have a cool system down that works well with the latest requirements.

Rich brings up a good point though. Almost every site you go to has different requirements and once you’ve got a $up3r password figured out, it’s hard to go back to just letters and numbers!

It’s craziness like this that drives people to use RoboForm and the multitude of other password management tools.  These solve the immediate problem of remembering all of your passwords, though I’m sure information security experts cringe at having all of your eggs in one basket!

I’d like to thank Phil for pointing out how extreme TD Bank has gone by hiding not just your password but your user name as you type! You’d better be sure of those typing fingers!  One false move and you get the “wrong password, idiot” screen. Three false moves and you might just be locked out!

Thanks to Roger's Info Sec Blog

The future… What’s a blog post without a hat tip to the future?  I’ll bet you that just as our grandparents are amazed that we have to use passwords, our grandchildren will be too! (If you already have grandchildren, then insert 2+ generations.)

Business, government, and military have been experimenting with cards, scans, and all sorts of identification tech for decades now.  Depending on how well these tools play with privacy avengers, passwords may go the way of 3.5″ disks!

Note on Comments: If a site is frustrating you with their password policies, feel free to hate on them in the comments! 😉


A few minutes ago, while logging into Google AdWords, a friend and coworker, Emilie (@EmilieKBaker), did a double-take then asked me a question:

“How do you spell customer?”

“C. o. z. t-” started my joking response.

“No seriously. Take a look at this!”

It’s then that she showed me the splash image for a video on the Google AdWords homepage (seen below).

How long does it take you to see their goof?  Hint: It’s not the tiny text!

“Attact more costumers” Really Google?

Now I’ll give them a free pass on costumers, as that is a real word and wouldn’t be underlined by SpellCheck.  I wonder how many levels of engineers it passed through before being approved?

However, I can’t give them an excuse for “attact.”  Even as I write this quick blog article, the word attact is being underlined every single time thanks to WordPress.  (And it’s getting just a little annoying, haha.)

To see the blunder yourself, visit www.adwords.com.  After you get redirected around the planet, you’ll see a video on the left hand side with the goof.  If you’re an AdWords regular, however, you’ll need to log in with a browser you don’t normally use to view the site, as you’ll be cookied and shown a different page with a static image instead of a video.

This is a fun reminder that the bigger you are, the more important your use of SpellCheck becomes… Cheers!
