|
I like the haiku requirement!
|
|
|
|
|
Another Microsoft failure on creating a simple form!Lol I laughed a lot with your post.
|
|
|
|
|
I always had the idea that the best way to authenticate a user is to rely on their mailbox.
1) User enters email address and clicks the Login button
2) Website sends email to that account with one-time link
3) User clicks one-time link and that authenticates him into the site
Thoughts?
|
|
|
|
|
It ain't to bad..
Particularly nowadays where one can read personal email on their phone easily!
|
|
|
|
|
Email is a really bad way to provide authentication. There is no standard method for authentication in email clients and email has no guarantees of confidentiality or data integrity in transit.
It's used at the moment for password recovery but it's far from ideal.
OpenID and OAuth are worth looking into. OpenID for authentication and OAuth for authorisation.
|
|
|
|
|
Yea thats the right way of doing it. This was more along the lines of something that only needs to be `as-secure-as` your email account. Perhaps the website is a serverless architecture and it uses your email address as your username and for communications, but beyond that it careth not.
Like I said, it was an idea but I haven't found a use-case for it just yet.
@dthompsonza
|
|
|
|
|
And the password to my email account is 'password' right?
Email is not secure though. I think pretty much anyone can read emails flying around the Internet, and anyone I know with imap or pop access don't use ssl as default, which is crazy.
|
|
|
|
|
Yeah, no access to email. No log on. Its no good.
|
|
|
|
|
In a recent ground-up rebuild of an application, I had a related argument with the project lead/client. I tried insisting that we should include no forced rules, but instead provide a strength meter based on the zxcvbn library.
My argument: a users password is a users password and who are we to define what is a "correct" password? Instead, we should warn against perceived password strength and accept what the user provides.
Final decision? A password must be at least 7 characters long and contain at least one letter and one number. *sigh* "pass123" is considered a "very strong" password.
|
|
|
|
|
Yeah, I know about that, I don't blame the developers!
Although.. this is Xamarin[^] we are talking about in this case! I think I should blame the developers here!
|
|
|
|
|
I use an online GUID generator. I change the case of the first Alpha.
And I tell chrome to remember it.
No security here.
|
|
|
|
|
More and more of my passwords contain disparaging comments about the very service it's for because of this very reason.
Is it me or do most of those "I forgot my password" temp. passwords not follow these rules to make a complex password?
Ex: Must contain: an uppercase, lowercase, symbol, number, an international airports abbreviation, a 4 digit prime number, your blood type and must be 20 characters long...
"I forgot my password"
Your temp. pw is: 1947
?! >_>
|
|
|
|
|
I never could understand why the Kerberos authentication service didn't catch on. It has a a true beauty in its protocol design. Second only to encryption algorithms it must be the most thoroughly analyzed protocol in the entire networking world, and no serious flaws have been found. A truly high quality open source code implementation is offered.
Kerberos is ready for use, and has been for about thirty years. When it was new and being talked about, in the late 80s and early 90s, some academics took pride in pointing out limitations (such as how to forward authentication and authorization to a backend server in a reliable way) - but evem though there were proposed alternative solutions to handle such issues, that's not what we are using today. We use extremely primitive solutions, with numerous weaknesses that would have been cured by adopting Kerberos.
The market forces didn't want Kerberos. They wanted poorer solutions, and got it.
|
|
|
|
|
Watched a great 4th July firework show last night. Also spotted a number of large drones appearing to cover the event. I thought the first I saw was a dirigible but it was either too small or too high. Then I spotted several more so it was either an alien invasion or drones. I'm going with drones.
|
|
|
|
|
R. Giskard Reventlov wrote: 4th July
R. Giskard Reventlov wrote: alien invasion
Has to be. That's the day they always invade.
|
|
|
|
|
Exactly.
|
|
|
|
|
How would you tell the difference?
If you have an important point to make, don't try to be subtle or clever. Use a pile driver. Hit the point once. Then come back and hit it again. Then hit it a third time - a tremendous whack.
--Winston Churchill
|
|
|
|
|
Common sense?
|
|
|
|
|
This is irresponsible of the owners. While it is harder to knock any aircraft, large or small, out of the sky than most people think, sooner or later it is going to happen. The rotors spin realy fast and any contacht with another object destroys them and most multicopters can't compensate the loss of one rotor, especially when it has only lost one blade and starts to wobble.
Larger multicopters can easily weigh up to 10 pounds, the heaviest single parts are the batteries. My (traditional) helicopter weighs about 8 pounds, half of which goes to the two flight batteries with about two pounds each. You don't want it to fall on your head without warning and you also don't want any contact with the main rotor. It can kill, which unfortunately already has happened when the owner lost control over the model.
The language is JavaScript. that of Mordor, which I will not utter here
This is Javascript. If you put big wheels and a racing stripe on a golf cart, it's still a f***ing golf cart.
"I don't know, extraterrestrial?"
"You mean like from space?"
"No, from Canada."
If software development were a circus, we would all be the clowns.
modified 5-Jul-16 13:37pm.
|
|
|
|
|
Yeah - watched the Canada Day fireworks and near us was a guy with a (loud) drone watching the fireworks through his phone.
There, in front of him, in full Read-D, were the fireworks.
He is glued to his screen watching it via the drone.
It was the perfect symbol of everything I hate about the misuse of technology. It was actually sad.
cheers
Chris Maunder
|
|
|
|
|
I have no idea who was controlling the ones I saw but, yes, that is sad.
|
|
|
|
|
|
Back in the good old days, when I worked in C++ I would use the class view in Visual Studio as my primary means of navigation. When I switched to .NET, I stopped using it and switched to solution explorer which seems to be the norm amongst the .NET crowd.
These days, I tend to use Resharper to get where I want to go quickly, but let's not muddy the point with that.
Thing is, I don't know why I switched (it might be the presence of annoying namespaces), and I still think in classes rather than files - don't we all? Today, I'm going to go back to the old ways to see how I get on.
Do people still use class view or know the cause of its demise in popularity?
Regards,
Rob Philpott.
|
|
|
|
|
Probably because the best practice in .net is one class per file and to use folders for your namespaces so in a way the solution view kinda is the class view, but you get all the other stuff as well that aren't classes.
Though I dare say most VB.net solutions probably warrant the class view more
*find Form14*
*find TextBox31*
*or is it Button17 I'm after*
|
|
|
|
|
I've never used class view.
|
|
|
|