5 Matching Annotations
  1. Mar 2023
    1. Here are the main arguments I’ve heard for SMS 2FA: SMS 2FA can prevent phishing. SMS 2FA can’t prevent phishing, but it can prevent “credential stuffing”. We have data proving that SMS 2FA is effective. I’ll cover some other weaker arguments I’ve heard too, but these are the important ones.
    2. Don’t let the perfect be the enemy of the good. Seat belts aren’t perfect either, do you argue we shouldn’t wear them? Etc, etc. This argument only works if what you’re defending is good. As I’ve already explained, SMS-2FA is not good.
  2. Nov 2021
    1. Calling a software convention "pretty 90s" somewhat undermines your position. Quite a lot of well-designed software components are older than that. If something is problematic, it would be more useful to argue its faults. When someone cites age to justify change, I usually find that they're inexperienced and don't fully understand the issues or how their proposed change would impact other people.
  3. Jul 2021
    1. But having an experienced team that knows the codebase well as an argument for using them is weird and not strong.
  4. Aug 2020
    1. As a web designer, I hate that "log in" creates a visual space between the words. If you line up "Log In Register" - is that three links or two? This creates a Gestalt problem, meaning you have to really fiddle with spacing to get the word groupings right, without using pipe characters.

      Sure, you can try to solve that problem by using a one-word alternative for any multi-word phrase, but that's not always possible: there isn't always a single word that can be used for every possible phrase you may have.

      Adjusting the letter-spacing and margin between items in your list isn't that hard and would be better in the long run since it gives you a scalable, general solution.

      "Log in" is the only correct way to spell the verb, and the only way to be consistent with 1000s of other phrasal verbs that are spelled with a space in them.

      We don't need nor want an exception to the general rule just for "login" just because so many people have made that mistake.