Archive for the ‘development’ Category

The Usage Of Complex Algorithms For Password Generation
Posted by Shawn Boles on February 13th 2008
Passwords are difficult. On the one hand, you want to create a password that is uncrackable by anyone, be they teenage hackers or CSI experts with magical hacking tools. On the other hand, the password has to be rememberable by you yourself, lest only teenage hackers and CSI experts with magical hacking tools are able to access your data.
So, how do you make passwords?
One of the more secure ways is to use a random letter generator, like random.org, to build random strings, pick one, and memorize it. It’s pretty secure (random.org uses real random noise to produce its random numbers) and with seven random alphanumeric characters, the password search space is about 2.2 trillion combinations! But are you really going to remember “QRSr0Fu” or “W96TUON” two weeks from now? (My generated set had “myELlRK” which I might be able to remember…) If you type your password every hour or so, you might remember this by muscle memory pretty quick. Just in time to have to change it, I bet.
Another way is to take a word or phrase, turn some letters into |33+sp34k, and you get something more random, but much more rememberable. So, for example, “minivan” becomes “m1n1v4n!” and “washington” becomes “w4sh1ngt0n!?!” These are actually quite rememberable; the use of non-standard characters disallows the use of rainbow tables and dictionary attacks, so they’re much less susceptible to cracking. However, what happens when you forget the “!”, or that “Washington” gets “?!?” or that you did NOT turn “t” into “+”? You could end up going through a few cycles trying to “guess” your own password. Again, if you use it all the time, you’ll learn by muscle memory. And this lets you come up with some cool passwords, like “c4p+41nK1rk”. How can you beat that?
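A password audit can test how much the leetspeak scheme above adds by mapping the substitutions back to letters and checking the result against a wordlist. This is an added example, not part of the original post; the wordlist, the substitution table and the function names are constructed for illustration.

```python
from itertools import product

# Constructed sample wordlist; a real audit would load a full dictionary.
WORDLIST = {"minivan", "washington", "captain", "kirk", "enterprise"}

# Common leet substitutions mapped back to the letters they stand for.
# "1" is ambiguous (i or l), so both readings are tried.
LEET = {"0": "o", "1": "il", "3": "e", "4": "a", "5": "s",
        "7": "t", "+": "t", "@": "a", "$": "s"}


def candidates(password):
    """Yield every plain-letter reading of a password."""
    # Lowercase, then drop leading/trailing decoration such as "!" or "?!?".
    core = password.lower().strip("!?.")
    options = [LEET.get(ch, ch) for ch in core]
    for combo in product(*options):
        yield "".join(combo)


def segment(text, words=WORDLIST):
    """Split text into dictionary words (word-break DP), or return None."""
    best = {0: []}  # best[i] = list of words covering text[:i]
    for end in range(1, len(text) + 1):
        for start in range(end):
            if start in best and text[start:end] in words:
                best[end] = best[start] + [text[start:end]]
                break
    return best.get(len(text))


def dictionary_reading(password):
    """Return the dictionary words a password reduces to, or None."""
    for cand in candidates(password):
        words = segment(cand)
        if words:
            return words
    return None


if __name__ == "__main__":
    # Passwords quoted in the post: three leetspeak ones, two random ones.
    for pw in ["m1n1v4n!", "w4sh1ngt0n!?!", "c4p+41nK1rk", "QRSr0Fu", "W96TUON"]:
        print(pw, "->", dictionary_reading(pw))
```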
My favorite way, however, lets you write your password down in plain sight. I tend to cycle through passwords, and if you’re anything like me you have two online banking passwords, four credit card or loan company passwords, a work domain password, 6 email passwords, a home log in password, etc, etc, etc. If you take the easy way out and use the same password everywhere, you end up making kittens and security experts cry. If, however, you have a completely separate randomized combination for each account, your brain will get stuck in an infinite loop. Using this method, you get to write down your passwords and tack them to the wall. Or put ‘em on a sticky note. In plain sight. Email them to yourself without a care. It uses a special type of encryption to keep your password safe. Not AES or DES or TEA or other TLAs. I call this “Hippocampy Encryption” (named in honor of the part of the brain that does memory type activities).
The key is to write down a set of clues that will tell you (but only you) what your password is. You can add symbols to help you remember what kind of encoding to use for your password. Here’s a password I just made up right now as an example:
Shawn's rival ^
shout your home team
Esirpretne
Sam.
Because everything on this note is simply a hint for your specific brain to recall a password, it’s specific to you. Hints don’t even have to have anything to do with the subject. The hint “Red October” could tell you the word “fortworth”, whereas for me, I’d be trying “R4M1US”, “M1SSL3S”, “jackryan”, “TomClancy”, etc. You can string three or four hints together for a password. Note, these create long passwords, and your coworkers may start to believe that you have a superhuman capacity for memorizing long strings of randomized data. Do not do anything to dissuade them from this belief. And, because the hints point to common words and numbers already lodged in your grey matter, you may be surprised just how fast you type in that 20 character long password. Compared to my speed on 7 character random strings, it’s blazing.
And due to the pattern matching ability of your brain, remembering the passwords is easy. Let’s say you’ve written your clue on the back of one of your business cards, so you have it handy if you need it. After a few days, just SEEING a business card will bring your new password to the front of your mind. After a while, you’ll stop needing your hint sheet, as you’ll just remember the password. And when it comes time to change your password, shred your card and your Post-it, post a new one (in a different color if you can, helps the brain), and give yourself a few days. Unlike scrawling your random digits on a paper or card, even if somebody stole your “Hippocampically Encoded” card, they would have to REALLY know you (or be a really good guesser) to get the password. Even with your card, you’ve reduced them to brute searching. And if your card/note turns up missing, it takes about 30 seconds to whip up a new hint sheet. Not only is your attacker brute forcing your hint sheet, but it’s the wrong hint sheet anyway!
So… have you guessed my password above? It’s GARYkemp!1071Max. ‘Course, you’d only know that if you knew that I played Pokemon and left my rival’s name at default, that I decided that “^” meant “Make it all uppercase”, that my home team is the Kemp High School (and that I was talking high school football), that by “Shout” I meant “give it an exclamation point”, but that the whole word should be lower case (because the hint is), that Esirpretne is “Enterprise” backwards, and that I meant to make the serial numbers backwards (but not the NCC part), and that by Sam (a very common name) I meant “Give me the name of Sam’s partner in that incredibly funny cartoon by Steve Purcell, Sam and Max: Freelance Police.” The period is just decoration. If you did guess it, contact the NSA. I hear they’re hiring people like you.

Where have all the gurus gone?
Posted by Shawn Boles on January 16th 2008
When I was growing up, computers were these wonderful things that sat at the back of the classroom (usually one, or maybe two if the class was lucky). If the school was lucky, there was a “computer lab” where you could have access to the latest and greatest in government approved hardware.
My favorite of the time was the Apple IIe. Our school district had so many of them, they handed ‘em out to classrooms (The school district now uses them as very effective door stops). In fact, I got my start with computers by tinkering with a IIe. My first computer experience was hooking up a printer to a IIe, and the wonder of this experience (plug something in, type a command, and print came out!) completely captured me (I was in first grade), and from that moment on I was completely wrapped up in the wonder of computers.
Anyway, I graduated to PC compatibles and DOS. Trying to get a grasp on this computer thing, I got a copy of DOS for Dummies. Near the beginning of the book, they had a paragraph that had some important words of wisdom. While I don’t have the book any more, the message is still with me: “This book will teach you the basics of the computer, what you can do, what you can’t do, and what you really shouldn’t ever do. However, for anything you don’t know, contact your local computer guru.”
Computer Guru? What is this “Computer Guru”?
According to Wikipedia, Guru means “Teacher, in a religious or spiritual sense.” And as luck would have it, I was able to get into contact with Computer Gurus throughout my life. These were the computer equivalents of the small town mechanic: you pull up for some gas and Harvey the mechanic walks around the corner. “Howdy! I heard you pull up. You’ve got a bit of a timing issue, and I think one of your spark plugs are bad. I can change ‘em out in a few minutes, if you like.” It’s almost like Harvey has a supernatural connection to vehicles. He can hear issues, he can smell problems… he’s one with the Motor Vehicle Force.
The same with the Computer Gurus I knew. You walked in and turned on your machine, they’d make a “Hmm” sound (in computer science, “Hmm” is similar to the Indian sacred syllable “Aum” or “Om”. It’s ritually chanted by a computer guru whilst contemplating your computer’s connection to the Universe), type some sacred symbols into the prompt, then tell you the problem and offer to fix it. Most times they would happily fix your computer in exchange for a pizza; sometimes just getting a cup of coffee from the ever present drip dispenser could net you a small fix. And if you were truly interested in computers, you could even ask to become a follower of the Guru. You’d spend your spare time in his or her office, ask meaningful questions about the nature of the Universe, contemplate ancient tomes and user manuals, and take care of the mundane tasks of life (like formatting floppies or installing software) so the Guru could spend their time connecting with his or her latest project (generally spent looking at an arcane flowchart or design document and saying “Hmm” a lot). You knew, one day, with practice and patience, you too could become a Guru, have followers to format your floppies, and say Hmm.
However, the computer industry started changing. User interfaces became simpler, USB made the promise of true plug-and-play a near reality… the command line all but disappeared. Computers stopped being a specialized device and became a commodity. Computers were EVERYWHERE. And there was this belief that computers would become so “user friendly” that there was no need for the long learning process of the Guru.
And for the most part, this has happened. Programs are very user friendly now. There’s tons of documentation, and most don’t expect you to have a PhD in Computer Science to understand them. Workflows have become “point and click link” instead of “chant this esoteric string into the command prompt”.
However, sometimes I really miss my Guru. For example, just this last week, my roommate’s computer (which I built) started randomly crashing. There wasn’t a specific program that crashed, and it didn’t crash at a set time. I knew something was wrong, so I tried to diagnose. ‘Course, Vista being user friendly, the computer would automatically reboot, without showing the Bluescreen, except for the subliminal hint of blue to let you know that the computer had crashed. See, blue screens have “Technical Information” (it says so right on the screen!)… and user friendly computers (1) don’t crash, and (2) are NOT technical. So I was stuck with a computer that wouldn’t run, and a bored Roommate who just realized he has a $1200 paperweight.
As Dr. McCoy would say, “I’m a programmer, not a hardware doctor!” Hardware issues are right outside my realm of experience. I longed for my Guru. I knew how to diagnose; I pulled hardware, changed orders of cards, swapped the memory sticks back and forth… all the standard religious rituals for modern computers. I knew that if I could but approach a Guru, tell him or her my issue, they could give me leads to check. I didn’t have the money to buy all new parts at random; I had to work with what I had. I knew I had all the data for a real diagnosis… I simply wasn’t able to pick out the error. Working the next day at SoftLayer, I mused about my lack of Guru leadership. At the end of the day, I turned to a coworker and said “Now I get to tinker for a few more hours on this stupid computer. I wish I knew a Computer Guru!”
My coworker smiled and asked what the problem was. I told him and he looked at the ceiling. “Hmm” he said. “Could be a power supply issue. Maybe the power coming out of the supply isn’t clean and it’s resetting the motherboard.” Just then, another coworker walked around the corner.
“What about a power supply?” he asked. The first coworker told him the issue. “Hmm,” he said, looking intently at the wall. “I bet it’s a RAM issue. I bet your ram is bad. Swap it out with some good RAM and see what happens.”
So I went home and crosswired some power supplies. Rebooting the machine, I finally got a bluescreen that crashed itself, locking up the computer and letting me read it. “PAGE_FAULT_IN_NON_PAGED_AREA” “Page Fault?” I thought. “Hmm.” My roommate walked in. “What are you doing, meditating? Have you fixed it yet?”
We went to Fry’s and bought some new RAM sticks. Going home, I popped ‘em in and started the machine. And it worked! It’s been running 6 days nonstop. My roommate was really happy. I was finally able to look the bluescreen message up on the Internet. Sure enough, that specific error almost always pops up when there’s bad RAM.
So, where have all the Gurus gone? Where else? They all work at SoftLayer! Whenever I’ve had a software or hardware issue, or an operating system issue, I’ve found somebody here who knows the issue. They look at the wall, say “Hmm”, sip their coffee or Monster (depending on their level of enlightenment), and give me the answer. The guys here are at one with the Network. The DC guys almost seem to be able to FEEL a power issue or a drive problem before it happens. Sales is able to think about your problems and provide a tailor made solution to help. And Development is where all the action takes place; we get to write all the behind the scenes magic.
“You must be some kind of Computer Genius!” shouts my roommate (lucky for me, he’s gotten to play some Call of Duty 4, so he’s already forgotten the previous week of frustration). “No, not yet.” I respond. “I’m working on it, but I’m not a Guru yet.”

A Feature Too Far
Posted by Nathan Day on November 19th 2007
I just finished the best Software Project Management book I have ever read. It covered proper planning, requirements gathering, resource management, inter-organizational communication, and even discussed the immeasurable factor of individual effort. The book’s title is ‘A Bridge too Far’ by Cornelius Ryan. The book is actually a historical account of “Operation Market-Garden” which was an attack by the Allied forces against Nazi Germany in World War II.
First let me say that I am not comparing Software Development to War. I do appreciate the difference between losing one’s job and losing one’s life. But as I was reading the book, I saw that the job of a project manager preparing for, managing, and executing a large project is not unlike that of a General’s planning staff preparing for a major offensive.
Operation Market-Garden was a combined ground and paratrooper attack into The Netherlands by the Allies a few months after the invasion of Normandy. Things seemed to be going well for the Allies in the months after D-Day and the Allied Generals became confident that they could launch a lightning strike that would end the war sooner rather than later. The operation seemed simple: Airborne paratroopers would be dropped deep in Nazi territory and would capture key bridges along a route into The Netherlands. A ground offensive would quickly follow using the bridges that were captured by the paratroopers to get almost all the way to Germany’s borders. The short version of the story is that the ground offensive never caught up to the paratroopers and the offensive didn’t succeed.
Reading the historical account, with the benefit of hindsight, it became obvious that the Allied Generals underestimated the difficulty of the task. The offensive scope was too big for the resources on hand and perfect execution of all the individual engagements was required. The schedule the Generals developed was impossible to keep and schedule slips meant death for many of the soldiers. Communications between elements of the units involved was critical but did not occur. However, because of heroic actions of some individuals and personal sacrifice of many, the offensive almost succeeded.
In the early stages of a project, setting realistic goals and not putting on blinders as to the quantity and quality of your resources are key to a project’s success. Going on the assumptions that the ‘development weather’ will always be perfect, communications will always work, and that all tasks will be completed on schedule is a recipe for disaster. And you can’t always plan on individual heroics to save a project.
I usually try to inject some levity into my posts, but not this one. 17,000 Allied soldiers, 13,000 German soldiers, and 10,000 civilians were killed, missing, or wounded as a result of this failed offensive.

No-Huddle
Posted by DJ Harris on November 2nd 2007
With the NFL season in full swing and the usual suspects up to their usual tricks, a question was raised as to why some teams opt to run a “no-huddle” or “hurry-up” offense when their backs are against the wall with the clock ticking away, while other teams seem to constantly be in a “hurry-up” mode throughout the game and have a significant degree of success with it. In either case, the objective is to keep the competition off balance and have steady advances to the goal. An obvious example of an undeniably successful team that employs such methods is the reigning NFL Champion Indianapolis Colts.
Before I go further into lumping praise onto the Colts, I feel that I am obligated to state that I am not a die-hard Indy fan. The team that I root for shall remain nameless for this article as I am still traumatized by the hammer that they leveled on my team of choice on the NFL’s opening night (Hint: Rhymes with “The Aints.”).
Okay, so this observation invites the question: how did the Colts become champions by performing in a manner that, to outsiders, may appear to be rushed and distressed? One could say it’s because they have trusted, senior individuals in their skill positions implementing the plan. Another might say that by focusing on rapid incremental results, they are able to execute more efficiently. An additional point might be that the constant communication amongst the players allows them to adapt to the circumstances that are constantly changing so that they may deliver and reach their goals.
To those of you not caught up in the imagery of football, you might recognize that these are some of the same traits that characterize successful adaptations of Agile Software Development. With the goal of delivering continuous and valued improvements to our applications and supporting software, the SoftLayer Development team practices many of the Principles behind the Agile Manifesto. While “moving the chains” toward the end-zone alludes to the incremental success of an NFL team’s offense, we speak more in terms of functional and valued releases towards achieving greater customer satisfaction. This is afforded to us by the skilled players on our team, constant communication, and a continued focus on producing measurable results. We are determined to keep “moving the chains”, so stay tuned to the Developer Network, Forums, and all channels SoftLayer as we continue to push towards our goal.