When Bad Institutional Websites Happen to Good People

November 10, 2010

In Vancouver the public transit is operated by Translink. There are lots of good things to say about Translink. The buses are clean and fairly punctual and the drivers are generally friendly and helpful, sometimes exceptionally so. The routes are well-planned and the service frequent. The SkyTrains are a marvel of efficiency and comfort. The train service to the airport, launched during this year’s Vancouver Winter Olympics works brilliantly. It takes you to the airport in record time and the price is a bargain.

Translink’s website sucks.

Of course “sucks” is relative. It doesn’t suck as bad as many other public transportation websites. And it does some things well. But it sucks in two important categories:

1. Passwords.

Unlike nearly every other website in the universe, your password for Translink must include not just letters, not just letters and numbers, but “must contain a minimum of 8 characters, at least 1 non alpha numeric character, and at least 1 numeric character.”

Then you must enter a Google reCAPTCHA. I’ve written about these sometimes-nifty check-if-you’re-human utilities before. More recently I’ve been collecting some crazy samples of inscrutable reCAPTCHAs. Here are a few from my collection, blended into a single image:


My reCAPTCHA Collection

An outcome of Translink’s registration process is that it took me about 20 minutes last week to register, and so I was 20 minutes late for the launch of Daniel Francis’s new book. Yes, if I’d just read the fine print I’d have registered more quickly. But, like you, I’ve now registered for hundreds of sites, I no longer read the fine print, and by default register with an alpha-numeric password, which nearly always works. I was left wondering why a bus schedule website would insist on such draconian security, and posed that question in a comment form on site.

2. Typing your address to find the next bus.

A little knowledge is a dangerous thing. Many of the streets in Vancouver are numbered: the major east-west thoroughfares number from First Ave. to 73rd Ave. But don’t try typing those numbers as words, and don’t forget whether the address is east or west. The form on the site tries to make an informed guess. In my experience it usually just gets baffled, or guesses wrong.

Say What?

Say What?

Then when you finally do enter the right address the system looks for every possible combination of bus routes that can bring you near your destination, with the default sort being total travel time in a moving vehicle.

And the best choice is?

And the best choice is?

So, nobody’s perfect, and few websites are. But can’t these problems be fixed?

To Translink’s credit, a genuine human telephoned me yesterday to respond to my criticism about the password. I was told that the reason for the complex password is that two years from now the site will link to payment information, at which point the extra security will prove valuable. I did not ask why Translink does not follow S.O.P. and ask customers to change their passwords if and when it becomes necessary to do so.

I did take advantage of the human to ask about the buggy address recognition system. I was told that the original programming for the site was very expensive, and would now be prohibitively expensive to fix. Many aspects of the site work well, so why throw the baby out with the bathwater?

Hmm. Interesting rhetoric. It’s possibly a plausible argument to make to folks who complain about how tough life can be living in Western countries. “Well, try living in Africa,” some respond.

I don’t think the rhetoric applies to websites. If a core function doesn’t function the programmer should be asked to fix it. Someone at Translink signed off on this project perhaps without fully testing it first.

And if all else fails, there’s always tactic #2 for those who complain about the usability of your site. “Well, it works fine for me,” I was told yesterday. “I don’t know why you’re having a problem.”

Tags: , , , , ,

When Captchas Go Crazy

July 7, 2010

I was on the Audience Development magazine website tonight, led there once again by Bob Sacks, and found an interesting piece of news about magazine circulation…which will appear on my next post (such suspense!).

This post is about CAPTCHAs. Did you know that CAPTCHA stands for “Completely Automated Public Turing test to tell Computers and Humans Apart”? CAPTCHAs usually require entering difficult-to-read alphanumeric text. This site uses a very simple MAPTCHA, the mathematical variant, because my astute Webmeister, Elia Kanaki, convinced me that it doesn’t have to be fancy to be effective. I still get some spam, but it appears to be generated by humans.

The most recognizable CAPTCHAs come from reCAPTCHA.


If they’re too difficult to see, or too long to bother, you can just keep clicking until an easier one appears.


But tonight I ran into a new CAPTCHA that made me LOL (laugh out loud).


That’s not a word! I assumed everything was garbled, some kind of programming error. I tried it on two more entries.

What is the third word in the phrase “sahiqu boso poy enub won”?

What is the second word in the phrase “fex madib qifot ewew nucit”?

None of my comments were acknowledged, and none appeared on the site. So of course I went googling and learned that for sites built with the open source DRUPAL software, this is a standard CAPTCHA format. So I guess the folks at Audience Development still moderate the comments even if the CAPTCHA is entered correctly (I do too). They’re going to be scratching their heads tomorrow morning when they see my goofy comments.

I’m glad that Elia talked me down from getting too fancy with my CAPTCHA. Once you get onto the path of paranoia about too many spam comments, there’s no stopping. On the DRUPAL site one distraught programmer comments on an early version of the DRUPAL text CAPTCHA “I am working on it to make it harder, e.g. ‘what is the third character of the second word of …’, and more difficult questions.”

The CAPTCHA continues to evolve over at reCAPTCHA.


Cute, no? Try programming an automated spambot for that one, you evil spammers!

But meanwhile the days of the CAPTCHA are dwindling, as the era of social networking overwhelms us.


Sites increasingly rely on third-party social networking log-ins to confirm your identity, and presumably over time, to tie a tweet or a Facebook favorite or some other loathesome false flattery with one’s attempt to post a comment.


Tags: , , , , , ,