Everyone has one, you know you do.  When you sign up for an online service or register for a site you always use your "Go-To" password.  The one, if all others don't work, you try because you know it will be the one you could remember.  Password theft is getting easier and easier every day the more and more people use passwords like this.  You need to use a ridiculously long password with UPPER CASE, lower case, numbers and special characters sprinkled in the mix.  It's a password that you probably shouldn't be able to remember.

Well, your normal password maybe strong enough to fool a regular stranger because they don't know you but what about people that do know you or real password hackers who use automated processes to generate random strings of letters together and have patience beyond compare?  I love Jeff Atwood's comment:

"I have fifty online logins, and I can't remember any of them."  “What's my password? I can't use the same password for every website. That's not secure. So every password is unique and specific to that website...."

There are typically two camps on this topic.  One it to use a passphrase instead of a password and the other is to use software to keep track of your ridiculously long passwords.

A passphrase is normally a made up sentence including capitalization and punctuation (for more details see Robert Hensing's great post on the topic).

For example:  "IliketovisitWashingtonD.C.!" or "I'msittinginthetheDFWairport."

Both of these passphrases are long, have UPPER case letters, and special characters but they don't have any numbers but you've got a pretty strong passphrase that you could remember.  If you do something like this instead of your normal password you've increased your security ten times (not sure on the numbers but you get the idea).  I generally like this idea and have even tried it multiple times.  The only issue I've had with it was that my sentences were typically too long.  Most sites and services that require a password set the maximum length on the password at around 15-20 characters.  This would cause me to adjust my passphrase to make it shorter and turn it into a sentence that I couldn't remember for the life of me.  I could remember what my original sentence was but I couldn't remember what I did to shorten it so I was stuck.  I was able to reset my password but then had to come up with another sentence....the cycle started over again.

Software that stores your passwords kind of sounds like the opposite of secure.  One of the most known rules about passwords is to never write them down, period!  So how is storing your password with software any different?  All of your other passwords are secured using one primary password.  This one primary password should something very strong - like a passphrase.  :-)  This is the setup I've been using exclusively now for about 18 months and I really, really like it.  My software of choice is RoboForm.  I was a little hesitant at first so I did my research on the product and after the initial install I was scanning my system for spyware and "unknown" traffic a couple of times a day.  I did this to make sure nothing was leaving my system without me knowing it.

I wasn't really sure how RoboForm worked and how having it store my passwords could make a difference.  The basic is this - after RoboForm is installed a new toolbar is setup in your browser of choice (extension is available for use in Firefox).  When you hit a site that you have a password for, a button shows up in the toolbar ready for you to click.

After clicking that button it prompts for your primary password and then fills in and submits the page with your password for that site.  That's it in a nutshell.  Pretty straight forward and easy to use.  All of the files it stores on your system are hashed  with your choice of algorithm (DES, 3DES, AES, Blowfish, or RC6).  For me, the real genius here is that it also comes with a random password generator that I use to create new passwords and then store them in RoboForm.  The generator will create very strong passwords that I could never remember but I don't have to.  Roboform commands like this are accessible from the context menu.

So right now I've got 67 different passwords that I have no idea what they are.  But I do remember what my primary password is and I change it on a regular basis.  Yes, I do back up these files.  I use FolderShare to copy them back to my server at home so I have them in two places.

RoboForm has other cool features that I've learned about after using for a while but that'll have to be another post specific to RoboForm.  One such feature is Pass2Go that I suggest you look into as well.  RoboForm has a free trial version that limits you to 10 login accounts but never expires.  So if that's all you need then you're set.  To register the product is only $29 and then you've got unlimited login accounts and free updates.

Giddy Up!

I've been listening the Creative Pastor's podcast for a few weeks since I've been traveling.  The podcasts are repeats of past services at our church but they are still good and God always has something to say.  I've just got to listen.  Last year I posted about one of Ed's talks called "Stepping Up" and figuring out who is in your inner-circle.  This podcast is similar. 

Ed call's it "The Sway of They".  Meaning that the wrong "they" can mess you up but the right "they" can lift you up.  What did the wrong "they" influence you to do that you wouldn't have done had they not been around?  What did the right "they" influence you to do that you wouldn't have done had they not been around?

The wrong "they" is always wants based.  The right "they" is always needs based.  The right "they" have HE right in the middle.  Great leaders take people where they need to go; not where they want to go.  Where does God take us?  He always takes us where we need to go.  But are we listening?

Giddy Up!

Reading up on Rosscode, he says that we can get SQL Prompt for free..for a limited time.  I've been wanting to give this a shot so now I'll get it for free.  I've read it can do many things but my primary interest is getting intellisense while in query analyzer.  That will be cool!

I've really got to get a handle on how long the whole process of going through the terminal and security checkpoint is at the DFW airport.  The last two weeks I've cut it a little close but made it with just enough time to get on the flight before they closed the door.  This week I was not so fortunate.  I got to the gate with eight minutes to spare but they had already closed the door and gave away my seat.

I wasn't upset with the gate agent, it wasn't her fault I was late.  I was hoping that I could still get on the flight but I can empathize with her as I too was a gate agent at one time.  I understand the need to leave on time; to do that you have to close the flight about 10 minutes early to give the on-board crew a few minutes to get passenger's luggage stored and get the plane ready to leave.

So if you passed through MSY (New Orleans Int'l Airport) on Delta Airlines sometime between 1991-1993 I probably worked your flight.  I was that young college kid telling you that you needed to sober up or I couldn't let you on the flight.  :-P

Giddy Up!

On my current job I'm on as a W-2 employee even though it is a contract job.  I chose this route because I've never done full-time contracting before and I wanted to make sure I kept up with my taxes and the added benefit of getting insurance at a lower rate.  My wife and I had discussed going out on our own and forming a LLC but again, it's a little scary after being a full-time worker my whole professional life.

We may be revisiting our initial thought of going W-2.  We received our second pay check and I'm having to pay Kansas state income tax even though I live in Texas and a resident of Texas (Texas doesn't have state income tax).  I've not asked a lawyer or accountant on why that is but it seems off to me.  About six years ago, when we first moved to Texas from Kansas, my employer was still in Kansas and I didn't pay Kansas state income tax and I assumed the same would still be true this time - tax is based on where you live and not where you work.

I need to find out the real answer because if I'm going to be paying Kansas income tax I'm going to switch from W-2 to 1099 and start my own LLC.  With the amount of income tax I pay Kansas I could cover my own health insurance plus get the extra tax advantages of having my own company.

Because I'm so freaked out about the tax and legal side I've looked into companies like IProfessionals and MyBizoffice where you technically become their W-2 employee but still maintain all the flexibility of being independent.  They handle all of the back office work like taxes and expenses all for a  percentage of your gross billing.

Anyone have any advice or opinions?

All tests are free on Brainbench from May 15th - May 30th.  I didn't do this last year but I'm going to try and take a few test this year.  I've passed the two C# tests so hopefully that's a good start!

Learn more.

I heard a comment on this site, kayak.com, last night on the travel channel.  Man, it is cool.  They link directly to the hotel/airline/car agency to purchase the item at the listed price and when you click through they have you setup and ready to purchase.

If this site is not owned or operated by Google I would be surprised.  Just take a look at it and tell me it doesn't look like "Google Travel".  The functionality is great and a good user experience.

This is one of those errors that can drive you nuts while you dig down your class hierarchy and find the culprit.  You will typically create this error while not realizing it when you change the access modifier on a class that is being returned by a public method.  Why?  Because if you return a protected or private class from a public method the client of your public method cannot use the class that you just returned.

I know it makes sense but sometime you're coding a way and don't see it.  As a good programmer you know you need to keep your scope as narrow as you can; so you change something from public to protected or private and that's that.

After  few more minutes of coding you need to compile and then it hits.  This happened to me today and I couldn't remember where I made the change and had to dig for it.  Note to self:  If I make a change in accessibility, immediately try and compile.

This is a couple of weeks old but for those of you not on DirecTV and want the full feature set of TiVo....Stand alone TiVo's will now have dual-tuners.  This mean you can record one show while watching another, record two shows at once, etc...

The biggest benefit is the recording two shows at once.  If you've bought into "time-shifting" your TV watching schedule then there is no doubt that you'll agree with me on this.

In case you are wondering what I'm talking about, I'll describe it its simple form - don't watch live TV anymore.  Its a mind shift I know but once you've made the switch you are no longer on their schedule.  No need to make sure you are in front of the TV at 7pm for 24...you can watch it later after the kids have gone to bed or whenever your schedule says you can sit in front of the TV for 40 minutes.  Yes, not an hour (remember we can fast forward through commercials).  Having dual tuners means that if The Unit has a special episode on at the same time you're recording Ed Young it will be able to record both of them and you can watch both of them when you're good and ready.

Anywho, TiVo rocks and if it doesn't say TiVo - you've got a digital VCR.  :-)

<rant>Being on the road means no TiVo and I'm having look up when things come on using Zap2It and it stinks.  I like hitting the TiVo button to see what's on and ready for me to watch - when I'm ready to watch it.</rant>  Can you say Slingbox?

Dave Burke, of Live in Vermont fame, has been hired on my Telligent as the first CommunityServer evangelist.  Dave has helped me out a lot and was the guy I first went to when I installed .Text over a year ago.  Now he'll be getting paid for what he's already been doing.  Can't get any better than that.

Congrats Dave!