Is Lunarpages storing passwords in plaintext?

First of all, I want to state that these are serious claims. That what I am stating is based on my observations.  While I cannot confirm what I am saying is true, it is hard to claim the situation is much different than what I am stating.

Lunarpages, as I wrote in my previous post, has been my hosting provider for nearly 10 years. I’ve grown up from being that wacky teenager with limited technological understanding to now architecting and building infrastructure and development tools. I don’t claim to be an expert in any way and there is a lot I can learn.

Over the past year, I noticed some very shady things going on with my account. In part, my account was compromised at least twice where files were overridden. To this day, I still do not know how it has happened. But lately having to deal with support, I noticed a rather major flaw.  Lunarpages and it’s staff have access to your passwords in plain text.

To come up with the conclusion that Lunarpages in has access to your passwords in plain text comes from two separate emails I’ve received from them in the past week.  Frankly, I have lost all faith in them as a company.

Continue reading…

Why Lunarpages is no longer my hosting provider

I’ve been with Lunarpages now for nearly 10 years.  Of those 10 years, the last year has been terrible. There have been several instances along the way that were bad. I was more patient then.  I have paid for their services on a yearly basis. I would essentially be paying for 10 months per year. The downside was that I was locked in and had no where to go.

Continue reading…

I’ve Implemented Two Factor Authentication

Over the past 24 hours, someone has been attempting to gain control of my accounts. I’ve received over 50 different emails for password resets and various services alerting me that someone is attempting to gain access to my account.  This very blog a few months ago was averaging roughly 5 login attempts per second. Over the course of a day, I was seeing nearly 450k failed login attempts.  I’ve implemented a series of features that would slow down and potentially block people from gaining access through brute force.  At the end of the day, it seems someone clearly wants to gain access to my accounts.

I’ve been living in comfort all this time without two-factor authentication, assuming my strong passwords, unique for each service would suffice. I still think these passwords are strong. But what if someone figures it one password through brute force? As far as I know, none of the attempts have been successful.  But it leaves me paranoid that they will keep trying until they eventually become successful.

Continue reading…

Must changing your default email be this difficult?

As you may (or may not) have read yesterday, I have been migrating my email services onto a more reliable platform.  In the process of doing so, I have been looking to change my primary personal email address from @cy-designer.com to one at @pelland.me. I don’t know if any of you have tried to change your primary email address, it is not at all easy.

Continue reading…

I’ve finally migrated my email away from shared hosting!

I’ve spent the better part of the day today working to migrate all my email accounts from my current shared hosting provider onto a more reliable Outlook.com. My shared hosting provider, which I do not wish to mention at this moment, but will in future posts, has been terrible. I’ve had emails disappear on me and in many cases my emails bounced. Of course when I contacted support with those issues, they blamed the sender for improperly typing the email address. Out of the dozen or so support tickets on the issue, not once did they bother looking into the issue.

Continue reading…

LightHack – Version 1

This past weekend, we hosted our very first hackathon, called LightHack. Up early for a 9am start with a nice breakfast and some coffee. Quickly, the office filled up and we had over 20 people chatting / getting ready to start hacking away. We matched entrepreneurs with developers and they were off.  There were 4 teams, each building a different app. Throughout the day, I got a chance to see how people used Lightning and whether they encountered any issues. Food was served and people were having a great time. Many like myself were tired, which made development interesting.

We ended development early, had some drinks and dinner before presenting the various apps that were built.  All of which looked great and we were proud to see how much was accomplished in a few hours.  The hackathon progressed into a social event for Nathon and Scott’s birthday.

The event was great! While the event was a success in many ways, there was also a lot to learn.  Anyone hosting a hackathon can tell you that the first one won’t be perfect and you will learn as you do more. We are still debriefing to understand how we can make the future hackathons better. But if you have been to hackathons or have hosted some, I’d love to hear your feedback.  We want Lightning to be the tool developers go to when they want to build apps.

A happy user is a happy customer

Understanding human to computer interactions is a crucial step for insuring users are happy using your product.  As technology advances, it tends to get more complicated as a result.  The user experience should not.  Complications in interfaces and user experience often stem from privacy regulations, connection to multiple third party networks, a result of software that tries to give user options, or by overwhelming the user with features.  While valid problems, they can all be solved through innovative UI.

Some of the best and most used products on the market feature a very simple on boarding process for the user and keep the user engaged with limited options.  Can you get a user to get your product in 5 steps or less?  Can you get them to find the value of your product in those steps?  What about keeping the discovery process simple for the user as they continue to explore your product?

Continue reading…