ReFRACKtoring

Once in a while one find itself on a task where numerous WTF moments appear. You can imagine such a task?

Yes you can. It’s adding new features to legacy code/database or to a ‘WTF’ code base.

A ‘What the F***’ code base, a collection of lines of code that make you shout WTF more than is healthy. You can usually hardly call it a program. It’s a collection of blunders after blunders. Not testable due to lack of interesting unit tests, thus not refactorable (if that’s even a word) without adding a unit test.

And then comes the day. ‘Hi mister, we’d like feature X, Y, Z added to this application.’  You say, ‘ok’ and come back with a rough estimation after carefully reading the specifications. Architect and Programmers decide: ‘Should take about 4 weeks in optimal man days’, what the client then hears that it will take around 3 months. And so the waterfall started spoiling it’s liquid.

Continue reading “ReFRACKtoring”

Children’s wisdom

Today.
The first thing I noticed when exiting the train in Antwerp Central Station.
A police officer with a semi automatic machinegun.
The aftermath of the Charlie shooting in Paris.

Second thing: it doesn’t make me feel safer. On the contrary. I feel uncomfortable and don’t trust it.

In the evening when I tell my seven year old son what I saw, he replied: ‘No, it can’t be. Cops  do not carry machine guns’

Now that’s real wisdom.

Stupid Password Requirements

The most stupid password requirement I met this year.
I’m sorry I can’t recall the site it came from.

Minimum 8 characters
Maximum 32 characters
At least 1 Lowercase letter (a-z)
At least 1 Uppercase letter (A-Z)
At least 1 Number (0-9)

Now then what should a password be made off?

If you search the internet for that, you come across many different statements. But as far as I know, there is only oen good rule. Make you password as long as possible, then it’s harder to do a brute force attack on it.

There are people saying things like

Make up a sentence you can easily remember, take the first letter of every word in the sentence, and include apunctuation or turn numbers into digits for variety. Then ‘I have two kids: Jack and Jill.’  would become Ih2k:JaJ

Queen Sylvanas, would turn in here grave if she wasn’t undead already. You’re better off using the sentence then the ‘shortened’ version. If it comes to attacking your account (not by social engineering that’s a whole other story)  which one would be the first to be found? the shortest one of course.

There for as a programmer or architect you should seriously reconsider if you have limits like your password can only be 32 characters long. At least 256! People should be able to wirte a book as password. A book they remember, they know by hearth.

As a user of a website or service you should complain if you get stupid password requirements! Ask for the possibility of something long with any character you like. Not with obligatory weird character and punctuation marks, they are just fooling you that you are more secure with a password of 8 chars and a number…