Author: Michael Cook

Read all posts from Michael Cook.

The importance of strong passwords for website security

Don’t Listen to the FTC on Password Security

| Security

It may be hard to believe, but even in 2016, brute force attacks remain one of the most common attack vectors on the web.

While it’s impossible to guarantee 100% security against brute force attempts, you can get pretty close by using strong passwords, using HTTPS on login pages (also using stronger encryption algorithms), using two-factor authentication, limiting failed login attempts (and banning those IPs with failed login attempts), adding a CAPTCHA field to login pages, using a firewall to filter malicious traffic, etc.

We all know how important strong passwords are. As part of an experiment, Ars Technica reported that a team of hackers was able to crack 90% of a 16,449 password list — all of which were 16-character, cryptographically hashed passwords. In less than one hour. But security experts are adamant that site owners regularly change passwords as well. Not long ago I believed this was unnecessary, but the recent data breach of Dropbox has changed my mind.

Continue Reading …

A photo of a dimly lit light bulb.

Have Digital Marketers Lost Their Creativity?

| Advertising

Earlier this year, freelance web designer Dave Ellis (based in West Yorkshire, England) noted a similarity with many of today’s websites: they all look similar. Strikingly similar. He created a generic, wireframe template (pictured below) that anyone in the marketing industry would recognize. I’m sure some of us are even guilty of creating this same layout for client sites. The post went viral, and many accused web designers of copycatting.

I have no doubt you’ve also seen a website that looks exactly like the template below. You’ll even notice elements from that template on Salty Key, even though I built this site from scratch. So what gives? Are we all just imitating each other?

I will argue that a number of factors have led us to “design convergence” and created an entire galaxy of clone websites. Are some designers just lazy? You bet. But if we begin to address the circumstances that got us into this mess, maybe it’ll lead to more imaginative web design in the future.

Continue Reading …

The effect of website speed on SEO

Google Hints Mobile SEO Changes

| SEO

Search Engine Land reported that Google “hopes to add mobile-specific page speed as a factor and not rely on the desktop version” when it updates its mobile-friendly algorithm.

Site speed has been a ranking factor since 2010, but Google still depends on page speed results from the desktop version of your site for both mobile and non-mobile rankings. This has always struck me as odd, since Google’s tool for measuring website performance provides results for both the desktop and mobile version of your site.

(For those who don’t know, Google has separate algorithms for its desktop (non-mobile) and mobile search results. To answer your follow-up question: no, Google does not consider tablets to be mobile devices.)

It’s no secret that Google’s primary focus for the past 5+ years has been mobile usability. Google does not crawl Flash websites since Flash isn’t compatible with most smartphones. It forced webmasters to adopt responsive design (or mobile-optimized pages, like m. sites) via “Mobilegeddon” to improve site readability on phones.

Since Google still dominates the search industry, these actions have undoubtedly increased mobile internet usage. It’s estimated that nearly 40% of all web pages will be served on mobile devices in 2016; Google’s mobile-first policies are a big reason why. These same policies enacted by Ask or AOL (which combine for less than 0.5% of the search market) wouldn’t make a dent in mobile web traffic. Same for Bing and Yahoo! (#2 and #3 in search market share, respectively). It took a powerhouse like Google to change how webmasters build websites.

Continue Reading …

WordPress Updates its Recommended Hosts

| Web Hosting

Last week I wrote about how to spot a good web host, and I mentioned the list of recommended hosts on WordPress.org. At the time of writing that post, WordPress had one host listed on its recommendation page: Bluehost. There was, however, a note at the bottom of the page saying WordPress was in the process of updating the page. I don’t think anyone took that note seriously.

Well, the joke was on me! I was very pleased to see that WordPress updated its hosting recommendations within the past week. While Bluehost is still listed, the other companies mentioned are great: DreamHost, SiteGround, and Flywheel.

Continue Reading …

Image of web servers

How Do I Know If My Web Host Is Good?

| Web Hosting

With so many hosting companies available, there’s pressure to pick the best available. I know I went back and forth trying to find the perfect host for my site. “The Paradox of Choice” says an overabundance of choices actually stalls our decision making and leads you to constantly second guess yourself. The last thing you want after signing a long-term contract with a hosting company is to wish you chose another host.

Hosting is crucial for both site speed and security. (See our Security page for more info on hosting and security.) If you dream of sub-two-second load times, you won’t get there with cheap shared hosting. And being able to choose your own host is a huge benefit open-source platforms (like WordPress) have over proprietary software.

But how do you judge a host? What should you look for? Who’s the best host? I can’t answer the last question because there is no right answer, but I can tell you how to evaluate hosts.

Continue Reading …