How not to ask a newly registering user for a password

Found Tenet spies! These guys are moving backwards in time.

I find this astounding. I was just working on a workflow that deals with setting passwords, and we try to make passwords more complex, requiring special characters and a certain length. These guys (Fidelity, to be exact!) are moving backwards in time, restricting your password to only certain special characters and not others.

I see absolutely no good reason for this. If they are concerned with a sql injection attack, they need to solve that internally without sacrificing user experience.

Actually, after clicking through some of the other workflows on fidelity website, I couldn’t even click a “continue” button, and there was no error. Inspector said there is a 500 code response from the backend. Therefore I give Fidelity’s technical team a low rating of 2/5: not trustworthy. I understand that technology is hard, but also they have money to hire people, and they should really get on top of their own tech stack.

OKR = objective and key result

Objectives and key results (OKR) is a goal-setting framework for defining and tracking objectives and their outcomes.

The development of OKRs is generally attributed to Andy Grove, the “Father of OKRs”, who introduced the approach to Intel during his tenure there and documented this in his 1983 book High Output Management.[1] Grove’s simple but effective concept is explained by John Doerr: “The key result has to be measurable. But at the end you can look, and without any arguments: Did I do that or did I not do it? Yes? No? Simple. No judgments in it”.[2]


Cone of Uncertainty

In project management, the Cone of Uncertainty describes the evolution of the amount of best case uncertainty during a project (Construx n.d.). At the beginning of a project, comparatively little is known about the product or work results, and so estimates are subject to large uncertainty. As more research and development is done, more information is learned about the project, and the uncertainty then tends to decrease, reaching 0% when all residual risk has been terminated or transferred. This usually happens by the end of the project i.e. by transferring the responsibilities to a separate maintenance group.



On naming (in software)

This is a piece of a conversation that took place elsewhere, a commentary that I think people might find generally useful – therefore, I’m posting it here.

Just for the record, the reason `withassets` is one word (I understand it’s not very English) is because (1) “with” is one syllable, and (2) it’s a single token.

On counting syllables: I prefer names that are short, while still being descriptive. Previously, I named something “more notes” when some reviewers favored “additional notes”. Generally, I think 2-3 syllables is a good length for a name. Good examples: facebook, instagram, google, sprokets. Bad examples: wikipedia, asset pipeline.

On lack of underscores: an underscore is safer than a dash (which is a mathematical operation), but it’s still a special character that separates tokens. I saw a client database where table names were just a-z letters, no capitalization, no other chars. While other readers ridiculed that choice, I found it interesting. `withassets` is a sub-environment so to say, and it’s one thing. It’s not separable into “with” and “assets”. If there is ever a need to have `development_withcache`, `development_withssl`, splitting environment name by underscore clearly gives you the major and minor parts. Introducing an underscore in the middle of a token may require more complex parsing.

2020wk13 scrum

20200228 Sat

  • cleaned up google storage
  • cleaned up facebook. from 1000 friends to 10.

20200322 Sun

  • Cleaned up some content – this shelter-at-home situation allows me to do some major cleaning
  • cleaned the house, too.

2020wk10 scrum

20200308 sun

  • docker, css themes
  • spec’d

20200307 sat

  • finished reading “consider phlebas”
  • some ionic,
  • some content

20200306 fri

  • being social

20200304 wed

  • Studying react

20200303 tue

  • onboarding

20200302 mon

  • Onboarding
  • Handed BJJC off and hopefully no more time commitment from me on this one.
  • made personal archive more robust, removed some PPI that shouldn’t’ve been there

20200223..30 Updates


  • Assigned a task to graphic design guy
  • reviewing backend work today.


  • handed a piece of work to frontend – getting closer to having a functional app!


  • Client communication
  • Iterating on mockups
  • preparing mock data


  • reviewed the way to setup ionic, and
  • reviewed the way to setup microsites3
  • communicated requirements to two new coders: front and back
  • iterated on “watcher” functionality
  • communicated with a client


  • pushed a fix to WasyaCo that re-allows actually sending me messages from the form
  • Did frontend work today

20200222 Updates

  • More exciting graphics are coming!
  • Did some projections for profit and loss on the TGM project
  • Solicited some feedback on the business plan, awaiting feedback
  • Wrote some more technical requirements.
  • Deployed the next development version – nothing is ready to show, but the team still needs to look at the current version in detail.

20200220 Updates

  • Did homework for UoPeople
  • Wrote a bunch of specification for… surprise project!
  • Practiced technical problem solving
  • Wrote a bunch of code, reviewable on github, for a… project. I need to come up with a name. How is Warbler for a name?