How to Choose a Secure Password you can Remember

As a web developer I have access to many of my clients’ passwords, and have noticed that many of them are not as secure as they could be. Here are some recommendations.

What Not to Do

Avoid passwords such as ‘password’, ‘secret’ with a single number added, or those that use your name, business name, or a family member’s or pet’s name. With social media so popular these days, a hacker can usually find information about your family online, making it easier for them to guess your password.

Avoid choosing an obvious word and then adding the year to create a pasword. I see many users doing this. For example, let’s say they are creating a password for a library, they might choose library2007 as the password. Hackers are probably familiar with this common approach and would have written code that tries guessing passwords like this.

So how can we choose a secure password that we can actually remember?

What To Do

We’ve all seen the recommendations: include an upper and lower case letter in your password, and a number. Some web sites force you to include a punctuation character in your password as well.

A great way to create a password is to think of a phrase and turn the initials or words into a password. To incorporate the number, you might choose to change any letter o’s into zeroes and letter L’s into ones.

For example, if you ran a pet store, you might think of the phrase ‘I sell cat food’ and then change it to Ise11catfood (where the two L’s are changed to 1’s). Or it could be Isellcatf00d (where the two o’s are changed to zeroes.) Then it is easy for you to remember, but hard for people to guess. To add punctuation, you could put the whole password in brackets e.g. [Isellcatf00d] or add an exclamation mark e.g. Isellcatf00d!

Keeping Track of Your Passwords

It’s not unheard of for me to spend over 10 hours helping a new client get access to their hosting, domain registration and content management system accounts in order to start working on their site. It’s not just that they’ve forgotten their passwords; often they don’t even know which companies they are dealing with.  Then, once we’ve identified that, in order to retreive the passwords, we have to prove to those companies that the client has a right to access that account.

This scenario  is especially common with non-profit organizations where there is relatively high turnover in volunteers and board members, and the email address on file with the account is no longer accessible by organization members. If you were to bring in a new web developer today, would you have the information handy that they need to get started on your site?

At best, not having this information can cost you unnecessary expense. At worst, it can lose you control of your domain.  That can happen if the domain expires (perhaps because you couldn’t log in to update your expired credit card information) and then someone else grabs the domain.

You should know the account information for the following:

• All your domain names. These may have been purchased from the same company you purchased your hosting from or from a separate company.  If you have more than one domain they may have been purchased all on one account or under separate accounts.
• Hosting for your web site(s). If you have more than one website, they may share hosting or they may have separate hosting.
• If you use a Content Management System (CMS) like WordPress, Joomla or a shopping cart, you should know the administrative account information for that CMS.

Here’s what you need to keep track of for each account.

1. The URL that you log in at. It’s not much use having a username and password if you don’t know where to use them.
2. The username. This may be your email address, but don’t count on that. It’s best to record the username for every account.
3. The password. For security reasons you shouldn’t be using the same password for every account. So you’ll want to track your passwords.

There are various tools around that will store you passwords in a secure way.  Here are reviews of some of those systems.

5 Tools for Keeping Track of Your Passwords

10 Free Ways to Track All Your Passwords

What You Said:  How you Keep Track of Your Passwords

Don’t forget to update your password tracking system any time you change a password.

Vector Graphics vs Bitmapped

Source Files

Sometimes your web designer or graphic designer will ask you for the “source file” for your logo, a brochure or another graphic, so that they have a high-quality graphic to use as the basis for a design.

If the item is a photograph, the designer will want the file that came directly out of your camera (as opposed to one that has been made smaller for the purposes of putting on a website or emailing). Depending on the camera, the source photograph is likely to be in either .jpg, .jpeg or .tif format.

If the item is a graphic design, the designer may request a source file; by this we mean the file that the graphic was originally created with. Graphics are often created with one of the Adobe suite of applications, such as Illustrator, Photoshop or InDesign. The file extensions of these applications are:
Adobe Illustrator: .ai
Photoshop: .psd
InDesign: .ind

Sometimes your designer will ask you for a vector graphic file. Vector graphics files are usually in one of three formats:

• Adobe Illustrator: .ai
• Encapsulated Postscript: eps
• Portable Document Format: .pdf

However, just because a document is in PDF format, doesn’t mean that it contains your graphics as vector drawings, because PDF files can contain both vector and bitmapped graphics. Here’s the difference.

Bitmapped Graphics

A bitmapped graphic is made up of lots of little rectangles (known as pixels) of solid colours. You may not notice those rectangles when the image is displayed at its intended size, but if you zoom in on a bitmapped image, you can start to see the rectangles. In the example below, the first picture is shown at its desired size, while the second picture is zoomed.

All photographs taken by digital cameras and files created using Photoshop are bitmapped. THe following types of files are bitmapped:

• .jpg
• .jpeg
• .bmp
• .gif
• .png
• .tif

Vector Graphics

A vector graphic is actually specified mathematically in the file. It can be zoomed indefinitely large without showing any pixels because it can be scaled up mathematically by the application that is doing the zooming. For example, if you have a PDF that contains only vector graphics, you can keep zooming it and zooming it and you won’t see any jagged edges made up of solid colour rectangles. Vector graphics are useful for your designer because they can save the graphic at any size needed without degradation in the quality of the image. (Bitmapped files can also be resized, but in some cases the resized image will be noticeably poorer in quality than the original.)

PDF Files

A PDF file can contain all vector graphics, all bitmapped graphics, or some of both. They easiest way to test if a PDF file is all vector graphic is to zoom it up large (try 800%) to see if rectangles start to show.

Resolution

Sometimes all you have is a bitmapped graphic (for example when you’re using a photograph). In that case, you’ll want to provide the webmaster with the highest resolution file you have. The resolution refers to the number of pixels (rectangles) across the width of the image and the height of the images. For example, the photo from your 8 megapixel camera might be 3264 pixels wide and 2448 pixels tall.

Online vs Print

The resolution of your photographs is particularly important when your designer is creating something that will be printed out, like a business card, magazine ad, or brochure. This is because paper is capable of showing much more detail than a computer screen and we want to take advantage of that feature. Although the number of pixels displayed per inch on a computer monitor varies from monitor to monitor, the standard is 72 pixels per inch. Compare this to printers, which can print 300 or more dots of ink per inch.

So if you have a photo that is 1080 pixels wide, it would display around 15 inches wide on a computer monitor, but only 3.6 inches wide on paper. So that photo is going to be quite useful for your website, but not so useful if you want to create a poster.

Doing the Math

Let’s say you have a photograph to be displayed on your website that you want to be around 3 inches across. The width in pixels will need to be at least:
3 inches x 72 pixels per inch = 216 pixels wide

If you want that same photograph to be printed out on paper around 3 inches across, the width in pixels will need to be at least:
3 inches x 300 pixels per inch = 900 pixels wide

Something to be aware of is that images often don’t scale well to sizes that that are just a bit smaller (say 80%) than the original image size. If you want a 900 pixel wide image to be printed, it’s better to give your designer a 2700 pixel wide image than a 1000 pixel wide image.

Also, note that bitmapped images do not scale up well. The rectangles are going to start showing. Although there is software on the market today that purports to “res up” (increase the resolution) of bitmapped images, there are significant limitations to what is possible and the image is likely to be blurred by the process. (More more information on that, read this article on About.com).

The Science of Email Marketing

Review of a Teleseminar Presented by Dan Zarrella of HubSpot

I recently attended this online seminar, and was surprised about some of the things I learned. It’s about an hour long, and you can view it here:

http://www.hubspot.com/the-science-of-email-marketing

Dan obtained access to statistics for 9 billion (!) emails sent using MailChimp, and analyzed them. He also held focus groups and received several hundred responses to a survey. Here are some of the findings Dan presented, along with my own thoughts.

When Should I Send Emails?

It’s a myth that business to business communications are different than business to consumer communications

It turns out that about 88% of people do not have separate work and personal inboxes. They read their personal and work related email from the same inbox, so personal emails get read at work and work emails at home. And most clickthroughs (clicking a link in an email to find more information) happen on the weekend. Perhaps this is because readers feel they have more time on the weekend to do this.

On top of that, it turns out that the days people are most likely to unsubscribe from your emails are Mondays and Tuesdays. So it’s not a bad idea to send your marketing emails on weekends, when they are more likely to be clicked through and when unsubscribes are not that high.

Data also showed that there is a sharp spike upwards in clickthroughs first thing in the morning. There is also a spike up in unsubscribes at that time of day, but the net effect is that it is still best to send early in the day.

How Often Should I Send Emails?

This one totally surprised me. Turns out that sending frequency doesn’t affect clickthrough much. Although sending once per month gets the best clickthroughs, sending more often gets only slightly fewer click throughs per email. The surprise for me was that sending often does not substantially increase unsubscribe rates. And since you’re really interested in the total number of clickthroughs not the rate of clickthroughs per email, you get better results by sending more often. So Dan says “Don’t be afraid to send too much.”

This may be because most people who don’t want your emails will unsubscribe on the first email they receive (something the data showed). After that you are dealing with people who are more likely to want your emails. As long as you are giving them value in each email, they are not that likely to unsubscribe.

What Format Should my Emails Be?

80% of users queried indicated that they read email on mobile devices, so optimizing the presentation of your email for mobile devices is likely to increase your clickthrough rates. This may mean doing a text-only email instead of HTML, or it may mean formatting your HTML to work nicely on mobile devices.

What Content Should my Emails Contain?

Including valuable reference information in your emails encourages people to want to receive your email and to devote some time to reading it. So include content, not just advertisements.

People interviewed indicated that their favourite emails were those that made them feel special – part of a select group. So give them something only subscribers get. This might be access to special information or discount codes.

Include multiple links through to your website, too. Data showed that the more links in your email the more clickthroughs you get per email. This may be a result of the reader having received various types of invitations to click and finally encountering one that “speaks” to them.

Interestingly data also showed that there was also less unsubscribing when there are more links. So find opportunities to incorporate more links into your email. Try out different invitations to click.

Instead of including a request asking people to forward your email to friends or colleagues who might be interested, ask them follow you on a social network like Twitter. They are more likely to do this and eventually those who follow them will become aware of you.

What Words Should I Use in Email Titles?

People often wonder what words to use in the title. I always assumed I should focus on the topic of the newsletter, and leave out what seemed like “wasted” words like “Newsletter”, “eNews”, “Issue” etc. Turns out that was a mistake. People are more likely to click through (which means they actually read the email in the first place) when words in the title indicated that is was a serialized newsletter.

Here are some of the words that showed up often in emails with good clickthrough rates.

• E-newsletter
• week’s
• issue
• digest
• bulletin
• edition
• news

This may not mean that just using those words makes a difference. It may be that serial newsletters in general get more clickthroughs. So try having a regular newsletter and making it clear in the title that this is what it is.

The From Address

Make sure you use a from address that the recipient will recognize. If they know you by business name, use that; if they know you by personal name use that.

Junk Email Accounts

Although people often don’t have separate work and personal email accounts, they often do have separate email addresses for receiving what they consider to be junk emails. (58% of people polled indicated they had a “junk” account.) The junk email addresses are what they use in order to access information, create accounts, or enter draws, from organizations whose emails they don’t want to have to read later.

To get them to give you their “real” email address, you need to offer something that will make them want to get your emails. This might be good informational content or time-sensitive offers they will be interested in. Seems to me, that when all is said and done, “Content is [still] king”.

How to Create a Link in WordPress

These instructions work for both posts and pages in WordPress.

1. Type the words that are going to link somewhere.
2. Select those words with the mouse.
3. Click the editor button that looks like a link in the chain. (This button doesn’t get activated till you select the text.)
4. Fill in the Link URL box. To link to a web page, the address should be: http://www.whatever.com. Don’t forget the http://. To make the link trigger an email to someone, remove the http:// from the Link URL box and type mailto:someone@whatever.com.
5. Click Insert.
6. Click Publish/Update back in the Add New Post/Edit Post screen.

You can link a picture too. Just insert the picture as usual, and then click it picture once (in the editor) and then follow steps 3 to 5 above.

How to Insert an Image in WordPress

These instructions work for both posts and pages in WordPress.

1. Click the cursor at the start of the paragraph you want to put the image beside. Even if you are going to float the image to the right, you still click at the left, before the first word in the paragraph.
2. Click the little image to the right of Upload/Insert, above the editor. (If you hover your mouse over it, a tooltip will display “Add an Image”.) The screen will go grey and a popup window will display.
3. If you’re going to use a picture that has never been used in the blog before, click the Select Files button in the popup and then find the picture on your computer. Wait for it to upload – you will see a progress bar that says “Crunching” while it uploads. Then go to step 5.
4. If you want to insert a picture that has been used in the blog before, click Media Library. Find the image you want to use and click Show to the right of it. Then go to step 5.

Read More»

How to Create a Post in WordPress

Here’s how to put an article in the blog.

• Log in to your WordPress blog. This is done by going to www.yourwebsitename.com/wp-login.php.
• Click Posts in the left hand column.
• Click Add New (either in the left hand column or using the large white button near the middle).
• Enter the title of the article, where it says Enter Title Here. To be consistent with the rest of the blog, use mixed case for the title. Try to remember to put the title in right away. Otherwise the page gets saved with a numeric URL, and we want a URL that has the title in it.

Read More»

Subscription vs Pay as you Go Email Marketing

There are various good options for sending out your email newsletters. These include Constant Contact, VerticalResponse and MailChimp. Later I’ll post a more detailed comparison of these three, but for now I’ll point out one significant difference.

All three companies allow you to buy a monthly subscription for their services; the more emails you need to be able to send out each month, the more you pay for your subscription. Vertical Response and Mail Chimp will also let you “pay as you go”, by buying “credits” which you can then spend on sending out emails. Just like stocking up on postage stamps, you use a certain number of credits to send out each email. (Unlike buying postage stamps, you also get a discount for buying larger quantities of credits.)

So if you send out emails infrequently and/or to small lists, you’ll save money by going with the “pay as you go” option, so VerticalResponse or MailChimp would be a better choice for you. In fact, MailChimp offers a free service where you can send out to a mailing list of up to 2000 email addresses. The catch? There’s a small MailChimp logo at the bottom of every email you send out.

Remember that you need an opt-in mailing list to use any of these mailout services.

Putting Together your Mailing List

There are many good reasons to consider email marketing for your business or non profit group, and some great tools available for implementation (topics which I’ll discuss in future posts). But I want to start out talking about the mailing list itself.

There are two kinds of mailing lists: opt-in and opt-out.

Opt-in mailing lists are lists consisting only of people who have explicitly agreed (“opted in”) to receive mail from you. Opt-out mailing lists are lists that contain people who have not explicitly agreed to receive mail from you, but which give recipients the option of being removed from your mailing list (“opting out”).

All kinds of national and international laws come into play when you look at sending out emails to a list of people. But in practice, I’ve found that the rules that are most likely to impact you, the sender, are the strict rules enforced by the companies that offer mailout services. And those rules require that you have an opt-in mailing list.

Read More»

A New Year… A New Web Site

They say the cobbler’s children always have the worst shoes…  he’s too busy making shoes for others.  So it was with Usable Web Designs own web site, which was first created in 2005, and has remained unchanged… till now.  I’m pleased to launch this new web site, to showcase our work and help you make the decisions you’ll need to make to renovate your web site or launch a new one.