Checking the Strength of a Password

In this article I want to talk about a recent password strength checker that I built for my open source application SafePad.

Password Strength Indicator in SafePad

First of all, we have a public enumeration that contains the password score results.


Serializing POCOs into XML

I couldn't think of a suitable image, so here is a programming Dog.

I am writing this short article as every time I need to serialize a C# object into XML I keep on forgetting how to do it (probably as I am getting old) so I thought I would post a snippet here. More for my own benefit as I am forgetful.

using System;
using System.Collections.Generic;
using System.Linq;
using System.Windows.Forms;

namespace HauntedHouseSoftware.SecureNotePad.DomainObjects
{
    public sealed class ApplicationSettings
    {
        public int WindowPositionX { get; set; }
        public int WindowPositionY { get; set; }
        public int WindowWidth { get; set; }
        public int WindowHeight { get; set; }
        public FormWindowState FormWindowState { get; set; }
    }
}

First let's start with a simple class that we want to serialize into XML. The class above, ApplicationSettings, was taken from my open source application SafePad. This simple class contains some window position settings that need to be serialized to XML.

Securely Storing Passwords

In this article I want to talk about the storage of passwords in your systems. Passwords are still the most common way of being able to authenticate a user, but it is very easy to put yourself in a situation where your system is not secure and susceptible to attacks. In this article I want to discuss ways in which you shouldn’t store passwords, and talk about how you can safely store passwords and protect yourself where you have been a victim of data theft.

Securely Storing Passwords

Storing Passwords in the Clear

Ease of Implementation : EASY

Is Good Idea : TERRIBLE IDEA

When you are developing a system that needs to authenticate a user, the biggest mistake you can make is storing passwords as clear text in your database. You may as well not bother having security as you can’t offer any kind of privacy to your users. This may seem like common sense, but there are still plenty of sites that do this. A user’s password should be secret and only known by the person it belongs to.

Phonetic String Matching : Levenshtein Distance

In the last article I discussed an algorithm for creating Soundex codes. In this article I want to show another algorithm called the Levenshtein Distance algorithm, otherwise known as the Edit Distance algorithm. The Levenshtein Distance algorithm is not strictly a phonetic algorithm, but it calculates how many edits you need to make to turn string A into string B. This can be illustrated in the diagram below.

Levenshtein Distance Calculates the Number of Changes from One String to Another.

In the example above, the Levenshtein distance between “kitten” and “sitting” is 3, since the following three edits change one into the other, and there is no way to do it with fewer than three edits:

Remaining Private on the Internet

In previous posts I talked about the mass surveillance by the NSA and GCHQ, and also posted an excellent video that explains about the threat to privacy in the modern age on the internet. If you are worried about privacy on the internet then there are many tools out there that can help you. I thought I would list a few of them here. Some of the tools are free, and some are not.

Tor Browser Bundle

First up is the Tor Browser Bundle. This is a modified Firefox web browser that is aimed at making your web browsing anonymous. By this I mean that no one can trace what sites you are visiting. It does this by redirecting your browser traffic through thousands of other relays.

Tor Browser Bundle

This does make your browsing experience a lot slower, but that’s the price you pay for anonymity. Here is their official blurb.

The Tor software protects you by bouncing your communications around a distributed network of relays run by volunteers all around the world: it prevents somebody watching your Internet connection from learning what sites you visit, it prevents the sites you visit from learning your physical location, and it lets you access sites which are blocked.

The Tor Browser Bundle lets you use Tor on Windows, Mac OS X, or Linux without needing to install any software. It can run off a USB flash drive, comes with a pre-configured web browser to protect your anonymity, and is self-contained.

Phonetic String Matching : Soundex

A phonetic algorithm is an algorithm for indexing of words by their pronunciation. Most phonetic algorithms were developed for use with the English language; consequently, applying the rules to words in other languages might not give a meaningful result.

A phonetic algorithm is an algorithm for indexing of words by their pronunciation.

Typically in our applications we will try to compare literal strings, which only gets you so far. Sometimes we need to be a little cleverer and compare strings based on how they sound as opposed to how they are spelt. In this series of articles I want to show some implementations for some different phonetic comparison algorithms that you can use in your applications. Feel free to take the code from these articles and use them in your software.

How to Motivate and Innovate Part 4 : Leadership Styles

In the previous articles in this series I covered Motivation, Finding meaning in your work, and how to encourage innovation in your team. In this final part of the series I want to discuss some different leadership styles you can adopt with your team.

There are many different types of leadership style you can adopt and rarely does one size fit all. Sometimes over the lifetime of a team you will need to adapt your style to fit a certain scenario, or use a specific style with different people on the team, especially if they are persistent under-performers.

You need to adapt your leadership style to different scenarios.

Bureaucratic Leadership

Bureaucratic leaders are people who follow rules to the letter, and they ensure their team follows rules and process to the letter of the law. If you are working in an environment where safety both to people and systems is essential then this type of leadership style is needed. If you have a team that does a lot of repetitive and manual work, then this style is also very well suited. If you want your people to be creative and innovative, then this isn’t the best style. You can use a blend though, where you slip into bureaucratic leadership if you have a strict deployment or change management process to follow.