Entrepreneurial Quotes

Taken from How To Spot a Breakthrough: Tips from Early Amazon Investor Nick Hanauer, which has a lot of good sound bites:

The key elements of a breakthrough idea, Hanauer said, are value creation and social disruption.

As for social disruption, Hanauer gave a quick summary of what he meant:

—If everyone thinks it’s a great idea, it probably sucks.
—If people understand it, you’re too late.
—If people don’t like it and don’t understand it, it probably still sucks.

If you have a breakthrough idea, you don’t need a breakthrough way to get it to the market. “If you have transformational value, people will beat down your door…Focus on the product. If the product is good enough, marketing will take care of itself. If the product sucks, no amount of marketing will get you over the hump.” [see ALL IN Expert]

—“I’m not a technologist. From my point of view, technology is simply a thing that allows you to bring transformational things to customers…People get excited about a particular technology, and they forget the question: what does this do for people? It’s about what the customer gets compared to the alternatives.”

—“As an entrepreneur, I’ve never been concerned about competition. If you’re early, run like hell. It’s all about execution at the end of the day. It’s about having a great idea, executing like hell, and delivering value to customers.”

—As for walking a different path, “I was difficult for my parents, and for my teachers. I’m incredibly uncomfortable in crowds, I never go to sporting events…What that allows is for you to have an idea and be comfortable with people not liking it. Jeff Bezos calls me a high-functioning contrarian.”

Hmm, I think I just quoted about half the article.

Why to Set a Time Limit on Password Reset Emails

You know those password reset links that are sent to you when you forget your password? Well, some of them set a limit on how long you can use them before the link stops working. For the life of me, I couldn’t figure out why sites did this. Who cares how long it takes me to get around to resetting my password? Why not just make the same link work every time a person wants to reset his or her password?

So, I coded up a registration and password reset system for Domain Pigeon without setting a time limit on reset password links.

Last night, somewhat randomly, it hit me why this is a bad idea. It’s so obvious now that I don’t know why I didn’t think of it sooner.

If you reset your password in a public place, such as a library computer, the reset password URL will probably be stored in the browser navigation history. The next person who uses the computer might accidentally come across the “www.whatever.com/reset/…” URL and click it to see what happens. Surprise: it still works.

So how do you prevent this? You guessed it: a time limit.

Here’s how I implemented it for Domain Pigeon. When the customer requests a password reset email, store the time they requested it and then, to generate the URL, use a hash of the user’s email concatenated with the time they requested it. This’ll ensure that the URL is unique based on that specific request (aka a salt).

Then, when the customer clicks the link to reset his password, compare the current time to the time the link was sent, and if the difference is less than a specific amount of time, allow him to change his password. In pseudocode, this looks something like:

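    # hash() is a keyed SHA-1 of its input (see the update note that follows)
    if user.forgot_sent_at &&
       hash(user.email + user.forgot_sent_at.to_s) == params[:hash] &&
       user.forgot_sent_at + 2.hours > Time.now
      # ... yada yada yada (let the user set a new password)
    end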

[Update: Note that the hash function used here is a SHA-1 hash of the input concatenated with a secret key, so that the final product here = SHA(user.email + user.forgot_sent_at + long_random_string). Thank you to Artem for pointing out it needed to be clarified]

Lastly, after the password is changed, reset the stored time. That will prevent someone from changing the password twice using the same reset password link.
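Here is the whole flow (request, check, single use) as an added Ruby example; it is not Domain Pigeon’s code. It swaps the SHA-1(input + secret) construction for HMAC-SHA256 and compares tokens in constant time; the User struct, the SECRET_KEY value, the function names and the sample times are assumptions made for illustration.

```ruby
require "openssl"

# Constructed demo values; a real app loads the secret from configuration.
SECRET_KEY = "constructed-demo-secret-do-not-reuse"
RESET_TTL  = 2 * 60 * 60 # two hours in seconds, the limit used in the post

User = Struct.new(:email, :forgot_sent_at)

# Keyed hash over email + request time (HMAC-SHA256 instead of SHA-1 + secret).
def reset_token(user)
  data = "#{user.email}|#{user.forgot_sent_at.to_i}"
  OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new("SHA256"), SECRET_KEY, data)
end

# Step 1: store the request time and return the token that goes in the URL.
def request_reset(user, now)
  user.forgot_sent_at = now
  reset_token(user)
end

# Compare without stopping at the first differing byte.
def secure_equal?(a, b)
  return false unless a.bytesize == b.bytesize
  diff = 0
  a.bytes.zip(b.bytes) { |x, y| diff |= x ^ y }
  diff.zero?
end

# Steps 2 and 3: check token and age, then clear the stored time (single use).
def redeem_reset(user, token, now)
  sent = user.forgot_sent_at
  return :no_pending_request if sent.nil?
  return :bad_token unless secure_equal?(reset_token(user), token.to_s)
  return :expired if now - sent > RESET_TTL
  user.forgot_sent_at = nil
  :ok
end

# Walk through the library-computer scenario with constructed times.
def demo
  user  = User.new("alice@example.com", nil)
  t0    = Time.at(1_700_000_000)
  token = request_reset(user, t0)
  first  = redeem_reset(user, token, t0 + 300) # owner, 5 minutes later
  replay = redeem_reset(user, token, t0 + 900) # next person, from history
  [first, replay]
end
p demo if __FILE__ == $PROGRAM_NAME
```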

The only flaw I see with this method is for the person who clicks the link to reset his password and abandons it, because that’ll allow someone else to access the page and reset his password. Fortunately, this should be rare enough that it’s not a major problem. For extra security, set the time limit to five or ten minutes. After all, how many people request a reset password link and don’t access it within the next few minutes? For the few that do, they probably won’t mind the small annoyance in return for the extra security.

If anyone has any thoughts on this method or password reset algorithms in particular, please let me know.

TED & Malcolm Gladwell

I’m going to make an effort to watch a few of these a week, as they are some of the most insightful talks I’ve ever heard.

I didn’t hear of Malcolm Gladwell until very recently. He’s been mentioned a lot because of his new book, Outliers, and I wanted to see what all the fuss was about. For some reason I pictured an old gray guy but I couldn’t have been farther off. He’s 45, a British-born Canadian journalist whose mother is a Jamaican psychotherapist and whose father is an English civil engineer.

I don’t know what it was about the tomato sauce speech, but I found it captivating.

And so, I bought Outliers, which should keep me occupied to and from work for the next two or three weeks.

ALL IN Expert Followup

I received a lot of great feedback regarding the ALL IN Expert post.

Here’s a quick summary of the major themes:

Advertising

I think you should have put a lot more thought into how to get users to find your product. Like, sometimes (often, maybe), people don’t even know they could use something and that something they could use exists. You have to educate them.

Tichy

I think what really went wrong was not the product, niche or anything like that. It was the marketing/sales. You should never underestimate how hard selling even a good product is.

Mikkom

Many people commented that advertising could have helped a lot. I’ve got to admit that when I originally read the line “Advertising is a tax for being unremarkable” I interpreted it as saying advertising is a bad thing and that you shouldn’t have to do it if your product is great. The feedback has given me a different perspective. With an amazing product such as Facebook or YouTube you might be able to get away with primarily word of mouth advertising, but regardless of your product, a strong advertising campaign can help a lot. A great product is worthless if no one knows it exists.

Screenshots

I note that on the website there seems to be no real screenshots of your application in action that give me a good idea of what it does and how it works. In my opinion, this is a huge mistake – I generally won’t download /anything/ unless I’ve seen a screenshot first.

halo

Halo pointed out that the homepage didn’t have screenshots on it. While the grid was put there to lure people in, I think I missed out on a big opportunity by not having an expansive screenshots section on the site.

Online Version

Perhaps you can make an online free version and put some ads?

lazyant

Some people suggested I make an online version. Had the product been successful, this might have been a viable route. In retrospect, I should have attempted this to start with, as it would have differentiated the product and given me experience doing something new so that should I fail, at least I walk away with some technical skills that I didn’t start with.

How to approach a risky project…

Fail fast and move on!

Breck

Next…

This was my favorite comment, taken from a comment on the blog:

I don’t know why you’re calling this a failure. How much time did you spend on it? Three months of time to think of, build, and launch something, even if it doesn’t work out, is time well spent. Think about it this way: that’s 4 startups a year… Sooner or later, one of them will end up working out (and in no small part due to the lessons previously learned).

David Rusenko