- Stop Password Masking (#)
Nielson’s arguments regarding usability are valid. His case of users employing overly simple passwords or storing them in a text file I also believe to be accurate.
However, one of the introductory paragraph’s falls down pretty hard.
Of course, a truly skilled criminal can simply look at the keyboard and note which keys are being pressed. So, password masking doesn’t even protect fully against snoopers.
There are few cases regarding anything where a single tactic can “protect fully against [baddies].” Heck, by brushing my teeth doesn’t protect fully against plaque — shall I make the argument that one should not brush their teeth?
However, the bigger issue is in the sentence preceding that:
Most websites (and many other applications) mask passwords as users type them …
Here he is pushing the “blame” for this OS-level security onto the Web industry. Sure, Web designers and developers could choose to stop using
inputform elements with
typeattributes. But users would lose all faith in the Web site’s security the moment they saw their password in plain text. Further, the security benefits from the special treatment operating systems give to password inputs would be lost.
Nielson needs to be making this argument to OS vendors. Until showing passwords in plain text is the norm at the OS level, users will not stand for it at the Web level. Web sites will lose more business by accepting this practice immediately than they ever will by showing the users a “line of bullets.”
- Anonymous Pro (#)
Anonymous Pro (2009) is a family of four fixed-width fonts designed especially with coding in mind.
A lot of attention has gone into this family. I have started using the non-antialiased 11 pt in the Terminal and I love it.
- Making A Better CMS (#)
Though the article is four years old, I think the CMS landscape is about the same now as it was then. I find all of this relevant, but two points particularly stuck out to me.
Write task-based documentation first.
Most systems have installation instructions that are quite good: “First do this, then do this, this, and this.” But when it comes to actually using the CMS, they revert to feature-based docs, carefully outlining what each feature does, and typically from a back-end perspective.
Remember, I want to get started quickly, so give me the basics in sequential order. Do I have to create users first? Can I make a template right now?
I am currently starting a CMS documentation project and will need to keep this in mind.
Separate CMS administration from the editing and management of content.
I know most systems have the notion of administrator and user; I shouldn’t have to switch accounts to make changes. I mean separate them in the interface.
Remember: 98 percent of your audience will be using the CMS to manage their Web sites, not to manage the system. Yet most systems are optimized for the other 2 percent.
Too often the admin-y bits of a CMS are presented to a majority of users just because that is the easy way to do it. One must take the time to compartmentalize the admin bits and keep them out of the way of everyone else.
- The taste of shame and humiliation (#)
My feelings are in line with Jacob’s. I’ll refrain from further comment.
- Leopard, SSH-agent and Macports (#)
Recently my friend and colleague Travis Cline was helping me re-set up my SSH configuration in a more secure manner. Particularly we were enabling agent forwarding.
I don’t claim to know anything about SSH or agent forwarding — you’ll need a friend like Travis or a Google search to help you there. But I do know that the agent forwarding was not working. We kept finding discrepancies about when the Mac OS X SSH was being used and when the Macports one was, and it kept things from working properly.
- Meetup’s dead simple user testing (#)
This is user testing the way it should be. For the Meetup it’s a way of life. A simple, painless, yet profoundly useful part of every day. I also like this statement:
Obstacles to getting real feedback are now mainly cultural, not technological; any business that isn’t learning from their users doesn’t want to learn from their users.
- Autocomplete widget for django-tagging form fields (#)
The Django admin is fantastic, but it is little things like this that can make something soo much more enjoyable to use. I am excited to try this out.
- The eyeballing game (#)
This is a fun little game. I scored a 4.71 (lower is better). The parallelogram was my downfall.
- Django admin skin: django-grappelli (#)
This is sexy. I am going to try it out. However, I think I may end up branching it for my own use. I can’t handle how messy the media directory is. :)
- Quotation Marks & Texture (#)
More of Jon Tan’s reasoning regarding his style of typography and the Web.
Good typography in running text is subtle and ambient. It enhances the text without interrupting it. It delivers meaning with clarity. In books, speech is mainly quoted in single marks. It’s a light touch. The typography removes itself from the picture being painted in our minds, and by doing so, allows it to shine. I’d like to achieve the same kind of light touch, here. I doubt my text will shine, but at least the typography will not distract you from my thorny prose.
- Django Pony (#)
My favorite bit is the tag line:
Magic that can’t be removed
- Marking Required vs. Optional form fields (#)
On the Interaction Design Association (IxDA) discussion list, Erin Walsh:
We recently did prototype testing on several search forms with a mixture of required and optional fields. On the team we were split on the best approach, so we tried to distinct methods: one with optional spelled out, the other with those fields having a different visual indicator. Though the sample size was limited, the “Optional” won hands-down. Remarkably, some participants even commented on how much they liked that it said “optional right there”. I know our UI team was not thrilled, but it was extremely advantageous to spell it out rather than use an icon or other visual indicators.
- Git: version control for designers (#)
- Git cheat sheet (#)
- Typeface != Font (#)
An easy-to-read explanation of the history and current situation of those words. I also like Jason Santa Maria’s comment.