Archive for the ‘security’ Category

Usernames

Thursday, September 27th, 2007

Usernames for most websites are based on UNIX conventions/standards. They are lowercase, usually begin with letters, and have no whitespace. Many sites offer a “display name” which is more flexible.

While discussing requirements for a new project, my first inclination was to do something similar, simply because “that’s how it’s done”, but someone suggested this method might be antiquated. After giving it a few days of thought, I tend to agree. “Old” user domains like AOL, Windows, and Slashdot have logins that have allowed spaces for years, yet most of even the latest, shiniest Web 2.0 sites go back to the 1970s for their guidelines.

We’ve even taken it a little further and not only can users use spaces, underscores, and dashes, these characters are ignored for purposes of uniqueness, because I’m guessing people’s brains will tend to stem these characters when it comes to memorizing them. So “Eric Savage” and “ericsavage” and “Eric_Savage” and even something like “Eri__c-SAVA g-_E” would all be the same.

When appearing in a URL or other machine-readable context, these characters are all changed to underscore and consecutive duplicates are eliminated, so the previous username would be “eric_savage”. Also, leading and trailing non-alphanumerics are stripped, otherwise we’d likely find users all naming themselves __alphadog so they appear first alphabetically. We could expand the list of which extra characters are allowed, but we’ll start off easy.

Questions:

Can anyone think of good reasons for why you should stick to UNIX-style usernames?
  • Should users on a community site be able to change usernames? [I'm currently in the "no" camp]
  • If changeable, should the change history be public?
  • Most people like short usernames, some people prefer long ones. What do you think should be the limit? [I'm currently thinking 20]
  • Is a short limit too ethnocentric?

    • Posted in conventions, internet, security, software, unix | 2 Comments »

    PuTTY: Custom Icons

    Thursday, June 14th, 2007

    PuTTY is the most popular free SSH client for Windows. It’s very stable and very lightweight, due to the developers keeping bloat out of the source. One piece of bloat that I would like to see is the ability to pick icons, which I find very valuable when working on multiple servers, a common task for most developers. Luckily it’s pretty easy to roll your own PuTTY, so I figured I would offer a little how-to here.

    1. Download and install Cygwin. I’m not sure which packages you need, as I typically just install everything.
    2. Download putty source code from here: http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html
    3. Open cygwin shell
    4. cygwin: mkdir putty
    5. cygwin: cd putty
    6. cygwin: unzip [wherever download is]/putty-src.zip
    7. cygwin: mv WINDOWS/PUTTY.ICO WINDOWS/PUTTY_ORIG.ICO
    8. Now put your icon (.ico) file in WINDOWS and name it PUTTY.ICO
    9. cygwin: cd WINDOWS
    10. cygwin: make -f MAKEFILE.CYG putty.exe
    11. You should now havea nice fresh putty.exe file in the WINDOWS directory, copy this wherever you wish.
    12. Copy the next icon to PUTTY.ICO and re-run make. Repeat until you have one executable per server.

    Posted in customizing, internet, security, software, ssh, windows | No Comments »