Archive for September, 2009

Password Protection #101

I recently made a rather shocking observation. On one of my sites (I’ll gloss over the finer details), I ask users to register with an email address and a password. As you’d expect, many email addresses were from simple webmail providers such as Gmail and Hotmail. So, for educational purposes only (I must stress), I switched over to one of these said providers, popped in some random soul’s email address and password, and surprise surprise, it worked like a charm. In around 10-minutes of trial and error, I had successfully infiltrated around a dozen email accounts.

Now, most people’s inboxes are pretty unexciting, but once you have access to one’s email you effectively have access to every web service they use, and well, pretty much their entire identify. How? Well, practically every site with a login has some sort of ‘Forgot your password?’ feature. Hit that a few times across the web, and you’ll quickly find yourself with login details for dangerous things like Paypal, Facebook, or an ecommerce site (which may have your credit card details stored). From there, an unscrupulous character can cause all kinds of havoc.

Of course, this lesson is nothing you’ve not heard before. Most experts recommend using a super-difficult-to-crack but insanely-difficult-to-type-and-remember password – oh, and make it unique for each site you use. This is somewhat unrealistic, so I guess I’d recommend the following practical measures:

  • Use super duper cryptic passwords for really important financial sites like Paypal and your bank. Don’t even think about using these passwords for anything else.
  • You’re probably best having a completely unique password for your email too. If it’s never compromised, it doesn’t make all that much sense to change it regularly.
  • Use a simple throwaway password for simple websites where any risk is really small.
  • Never use a password for a random website, however innocent it may look, that you’re also using for something potentially damaging (email account, Facebook, etc.).
  • Perhaps keep track of your passwords in a handy spreadsheet (mine has 254 entries, which is somewhat disturbing) or a notebook.
 Tags: Internet, Random   Published: 9th September '09

Optimise My Site & Win a Prize

I’ve finally started to lift my finger a bit with Mafia War Secrets, the info-product site I acquired a couple of months ago. It’s performed far better than I had anticipated, yet it’s fate is far from certain. The Mafia Wars game is likely to fade into non-existence as quickly as it has risen to stardom, and five competing products have suddenly hit the market, all trying to attack the same niche segment. For these reasons, VRE veterans typically opt to build upon evergreen sites – and I’m starting to see why. Nevertheless, there is plenty of opportunity for me to squeeze more potential from the site.

Therefore, it’s pretty imperative that I maximise the site’s potential while times are good. I see this being best achieved pursuing two goals; seeking out as much ROI-positive traffic as possible (I’ve made good inroads here already), and improving conversion rates to make the most out of the inbound traffic. I now intend to focus my efforts on the latter. As previously discussed, it’s incredibly easy to develop and roll out simple A/B tests and steadily increase conversion rates through continues iterations on the sales page. I’ve kicked off by testing the title copy that appears right at the top of the sales patter:


Version B was the original copy (the control). Conversion rates are shown first, followed by the percentage increase relative to the control. Versions A and C performed less favourably, but version D proved to generate an increase to conversion rates.

The impact is staggering: 5-minutes of labour gave way to a 3.86% uplift in the conversion rate. Annualised, the absolute value of this roughly equates to say, a return LHR:JFK flight, not bad at all.

What next? There are zillions of variables that could be tested, but in truth I seem to lack the mojo to make any real inroads. Hiring the services of a professional copywriter could prove expensive and risky. That got me thinking; why not run a risk-free contest whereby I award anyone who can provide demonstrable results? And so I will.

It’s simple: suggest a small change to a title, some additional text, new images, or a completely new design altogether – whatever really. I will then pit your entry against the existing page. If your ideas produce a >10% increase in the relative conversion rate (ie. 2.69% to >2.96%), you’ll instantly win $100 via Paypal. This winning entry will then become the new control which would need to be bettered by future contestants.

I’ll be happy to provide a log-in to the conversion tracking software so that you will have full transparency on how your entry performs. Reverse A/B testing will also be used to verify results.

To take part, just jot me an email with your entry and I’ll get it going within a day or two. Be sure to spread the good word!

Update: The one and only Mr. Zilic has entered the ring with 6 different tweaks to the sales letter. Despite best efforts, he’s yet to push me out of pole position – although one or two are in with a running chance. Anyone else up for the challenge?

Update #2: I’ve taken the plunge and hired two professional copywriters to see what they can muster together. Risky procedure.

Update #3: Danny has pulled off the impossible and beaten me. $100 is now winging it’s way to him. Nicely done sir.

 Tags: Business, Internet   Published: 1st September '09