I no longer tell many of my less tech-savvy to use 2FA for most sites. The notable exception being their primary email and a few others. I instead push them to use a system like 1Password that will let them generate unique strong passwords.
For a huge majority of people, the odds of them losing, breaking, or wiping their phones and misplacing or forgetting to save their backup codes is MUCH higher than getting hacked while using a 1Password system.
2FA and unique passwords aren't an either or thing. There is a lot of overlap in what they protect against but it's not complete. Having a strong, unique password won't help again being phished but 2FA can help mitigate the dangers of password reuse.
I get that everyone's exposure to and acceptance of risk is different. I understand that sometimes the best you can hope for out of a non-technical friend is that they accept maybe one piece of advice at most, but I'd disagree with the priority. 2FA is extremely powerful.
1Password supports saving the 2FA token: https://support.1password.com/one-time-passwords/. Though you could argue that's not much safer than not using 2FA since if 1Password is breached, the tokens would be available as well.
As an alternative, you could use Authy, which backs up the tokens encrypted (just don't store the Authy password in 1Password if you're worried about that being a single point of failure).
The Nylas Cloud API makes it an order of magnitude easier for companies to add email, calendar, and contacts integrations to their applications. By being at the core of business to business communication, scheduling, and contacts, we believe we can shape the future of how people work.
We’re hiring senior engineers to help us scale and build new products on top of our APIs. Right now our open-source Python-based sync engine regularly archives terabytes of data across a massive SQL cluster, and our APIs handle tens of millions of requests a day. We aim to scale that several times over in the next year.
Our team (https://www.nylas.com/team/) is roughly equal by identified gender (including engineering) and is comprised of startup founders; Debian contributors; {{Large Tech Corp®}} alums; MIT, Columbia, Yale, CMU, Olin, alums; and a professional dancer from the San Francisco Ballet. We actively and regularly work with the entire team to shape our culture to our ideal of honesty, transparency, individual empowerment, and kindness.
You must have a growth mindset, have enough engineering experience to architect complex systems, have a track record of managing your own projects, have a strong sense of practical shippability over engineering purity, have a natural tendency towards humbleness in your own abilities, and have an innate desire to pass that knowledge onwards.
I used to have a password algorithm then switched to 1Password and never looked back.
My problem of 4 years of algorithm use was that it would slowly change over time. I began to add mechanisms to predictably rotate the passwords. I began to add mechanisms that dealt with arcane dumb password requirements. Encountering a login from 3 years ago usually had me trying 3 different variants before getting it.
Furthermore, my algorithm still produces passwords that have considerably less entropy than a password generator will do for you.
The other advantage of password managers are for those damn security questions. I now routinely use 4-word diceware generated password as my security question answers and can store those in 1Password as well. The number of websites that let you bypass login with just a security question is mind blowing.
Man, not a day goes by where I dont feel relieved and ecstatic that I have 1Password.
Everytime I go to an obscure website I rarely visit and I have to log in, I hope it's in my 1password account, and when it is I feel so releived I dont have to worry about what my damn password is for that one site.
Obscure password requirements are what drove me to 1password.
It's also tough to beat the developer experience that the modern JS ecosystem has brought to app development.
The Chrome dev tools alone are pretty incredible. Getting that much detail in your debug environment, paint cycles, render times, animation effects, and quick style experimentation is a huge deal.
The package ecosystem for JS is also an enormous advantage. Having access to data layer systems like Redux & the Redux dev tools, as well as any module designed to run on Node.js really helps ensure an actively developed ecosystem that abstracts more and more away from the end application developer.
Finally, I argue that performance bottlenecks are rarely an issue of the javascript. V8 is extremely fast and only getting faster. Most bottlenecks come from doing something dumb during rendering, or tying up a process reading from disk. These are issues that happen on all app platforms. The big difference is that Electron gives you to tools to effectively debug and optimize these, plus a HUGE wealth of online resources & tutorials to help new developers jankbust.
The Nylas Cloud API makes it an order of magnitude easier for companies to add email, calendar, & contact integration to their applications. By being at the core of business to business communication, scheduling, & contacts we believe we can shape the future of how people work.
We’re hiring senior engineers to help us scale & build new products on top of our APIs. Right now our open-source Python-based sync engine regularly archives terabytes of data across a massive SQL cluster, and our APIs handle tens of millions of requests a day. We aim to scale that several times over in the next year.
Our team (https://www.nylas.com/team/) is roughly equal by identified gender (including engineering) and is comprised of startup founders; Debian contributors; {{Large Tech Corp®}} alums; MIT, Columbia, Yale, CMU, Olin, alums; and a professional dancer from the San Francisco Ballet. We actively and regularly work with the entire team to shape our culture to our ideal of honesty, transparency, individual empowerment, and kindness.
You must have a growth mindset, have enough engineering experience to architect complex systems, have a tract record of managing your own projects, have a strong sense of practical shippability over engineering purity, have a natural tendency towards humbleness in your own abilities, and have an innate desire to pass that knowledge onwards.
Olin alumni here. Having Babson nearby definitely added to my experience. I was intensely interested in entrepreneurship during school, and took several Babson classes.
They're definitely very different and independent schools, however. While I have several friends from Babson, my social & professional life has drifted away from there. Of the companies mentioned in the article a handful of them (like Big Belly) are the results of fruitful Olin-Babson collaborations. The majority of companies that come out of the two schools, however, have had less cross-campus collaboration than I think many would like.
Olin alumni here. First of all this is an incredible survey of what Oliners have been able to achieve so far! Huge thanks to Lee & others for putting this together.
I've been a huge fan of Olin's educational model and am proud to have turned down Stanford to go there. From the very first day you get to Olin, you're immediately immersed in a collaborative, figure-it-out-together, project-based environment where failure happens and there's no ceiling to the scope of what you can do.
They also try harder than any curriculum I've seen to really ingrain the importance of an entrepreneurial mindset and user-centered design thinking throughout the program. For example, all sophomores are required to take a set of design classes that forces you (though much struggling) to emphasize the viability and desirability, not just the feasibility, of everything you do. Most classes make you to orally present and really communicate your ideas to an intentionally skeptical audience.
By the time you graduate, many begin to realize how well this actually prepares you to not just make cool things, but also structurally think about what people want and how to realistically make it viably work in the real world.
The tech industry notices as well. Oliners have had an extremely strong tract record, particularly in product management programs, at most of the big companies. If you're a PM at Google, Facebook, or Microsoft, you likely know an Oliner, which given a graduating class 80ish, is pretty good reach. Big company PM programs are also not foreigners to producing a lot of entrepreneurs and I've found many of the skills we were taught in college come around again and again in this industry. These skills are also highly prized by places like HBS, where a disproportionate number of Oliners also find themselves right after graduating.
Right now, we definitely play the law-of-small-numbers game. The school is very new (first class was 2006) and the class sizes intentionally small. The size is limited to ensure Olin can continue to be a laboratory for education pedagogy. Over time, however, I'm definitely optimistic this trend will only continue and I'm prod to have known several of the people mentioned in this article.
Other college alumni here. Nothing I learned in college has helped me to the place where I am. And I do not want to be classified by the college I graduated from. I stayed for four years and I graduated. I am learning new technologies everyday and I am doing very well on my own. I simply do not care what people in tech giants think about my school.
> Nothing I learned in college has helped me to the place where I am.
:( That's too bad, I hope they change something. Certainly some people will never benefit from organized learning, and perhaps you're in that category and it's otherwise a great school, but most people aren't like that.
When I looked at this, my immediate reaction was how awful long the files are. A programming language's community should encourage smaller files that do one thing.
i like large files, it makes it so much easier to read the code, figure out what it does, find stuff, and refactor. i like it when the entire program is just one file, except for the modules source. i hate when there are 10000 files all containing 5-10 imports and then just one or two lines of logic. or worse; include files within include files several levels deep that all touch global variables. my idea of good abstractions is to only lift out code that has no couplings and no shared logic with the program, like modules that can be reused by other people in other programs.
The files are long on purpose -- as the article says: The code samples where chosen by finding popular repos for each language and using the longest file in each repository.
One of the examples is the jQuery source code, but the long file shown isn't the actual source. The real source code is broken up into a number of much smaller files, and the jquery-2.2.4.js file shown on the page is built from these smaller files.
For a huge majority of people, the odds of them losing, breaking, or wiping their phones and misplacing or forgetting to save their backup codes is MUCH higher than getting hacked while using a 1Password system.