17th January 2008 - Link Blog
8 More Design Mistakes with Account Sign-in (via) Second of a two part series by Jared Spool. I agree with all of them with the possible exception of #15 which advocates providing a non-email password recovery solution. Security “questions” are usually dreadfully insecure, and introduce the need to lock users out of their accounts after just a few tries.
Recent articles
- The new GPT-5.6 family: Luna, Terra, Sol - 9th July 2026
- sqlite-utils 4.0, now with database schema migrations - 7th July 2026
- sqlite-utils 4.0rc2, mostly written by Claude Fable (for about $149.25) - 5th July 2026