On password security
Passwords are probably the biggest security risk that users face today. Most assume that a secure password is at least 8 characters long and contains upper case and lower case letters as well as at least one digit. The problem is that this leads to passwords like Password1. But the real problem is that users believe this password is so secure, since it technically follows the requirements for a “secure” password, that it can safely be used everywhere.
Authenticating ejabberd users with Symfony2 and FOSUserBundle
I’ve been trying to set up an XMPP server since MSN went out of style (i.e. since forever). However, managing users is a bit of a hassle and normally the two alternatives are to either create users manually or allow them to register through the client. The first is tedious and the second is not very user-friendly.
But with ejabberd there’s also support for MySQL databases. Which means that I can write a simple registration service where users can manage their accounts themselves.
Hello world revisited
So I finally made the jump to a static blog.
I have been contemplating this move for quite some time now. Mostly it’s been a choice between Pelican (Python) and Jekyll (Ruby), where Jekyll has been more tempting because of the huge ecosystem around Octopress to benefit from.
The downside with Jekyll, and Octopress especially, is that I have to keep an entire framework of blog generating software around. This was a lesser problem with Pelican which was smaller, but still a limitation.
How to license your software properly
(Disclaimer: I am not a lawyer, everything in this post is probably wrong)
Too many times I’ve stumbled across a really useful library or framework that is ridiculously prohibitively licensed. The thing is that most people are simply oblivious to what the license entails and just slap on a GPLv3 (because everyone is using GPLv2, and of course you want the latest version.. right?).
The problem with GPL is that it includes a copyleft.
What deployment tools can do for you
I restarted work on one of my older hobby projects. Though I’m not really sure what my end goal is yet, I’ve got a vague idea of what I want to build and it’s nice to have something of my own to code on.
While setting this project up I took some extra time to make sure I got deployments automated from the start. Proper configuration and use of tools saves a lot of time but it also takes several hours to a day or two to set up, depending on the project of course.
How I set up Pelican for blogging pt. 2
So the whole point of running a static website (besides that it’s cool) is the performance aspect. And I personally think that if you’re doing something for performance you might as well go all the way. So here’s how I optimized my static website.
First, I downloaded the plugins and themes I would require to the folder for my configuration files.
git clone https://github.com/getpelican/pelican-plugins ~/Projects/Pelican/plugins
git clone https://github.com/getpelican/pelican-themes ~/Projects/Pelican/themes
And then I added them to the main configuration file by adding these lines to the bottom.
How I set up Pelican for blogging pt. 1
No, this blog still uses WordPress (now Hugo!) because of its convenience and ease of use. But I needed a way to document my personal server that I use for Mumble, IRC and my small projects, and I decided to test out static blog generators for that.
Normally people use Octopress (based on Jekyll) which labels itself as “A blogging framework for hackers” which is cool and all but I really don’t like Ruby and I had heard a lot of good stuff about Pelican so I went with that.
On two factor authentication
I’m studying computer security this term and it has a way of making you very paranoid about security matters, and recent articles like this and this really don’t help either. Therefore I’ve decided to set up two-factor authentication everywhere possible to help protect myself to some degree against the uselessness of passwords.
Two-factor authentication essentially means that you use two authentication factors to log in instead of only one. An authentication factor is one of three things: something you know, something you have or something you are.