I have often thought that iTunes for windows could be better. I've been developing a program which used the iTunes COM interface for a while now, called iRank. For the most part, iTunes has been fairly good to me, and any inneficiencies I have managed to work around. But in recent testing, I was confronted with a rather alarming error message which iTunes sent my application (pictured on the right).

Catastrophic: (adj) Causing ruin or destruction.

Now, I'm not normally one to panic, but this did not look like a good thing. iTunes has handed me a few null-reference errors in the past which weren't too scary, but this one seemed like a pretty big deal. I do not normally consider my computer as a place for ruin or destruction, and being told otherwise was a bit of a shock to me.

Oddly enough, I couldn't actually spot anything out of place after this error occured. I tried to recreate it, but it seemed to be shy, and I couldn't reproduce it.

This afternoon however, it struck again. But this time, I figured out why:
For every Playlist in iTunes, there is a function called PlayFirstTrack(), which does exactly what you might imagine. However, if there are no tracks in said playlist, what is iTunes to do?

Personally, I would have said that it might raise some sort of Empty Playlist error, or maybe Track Not Found.
The iTunes programmers, it seems, disagree. For this is the exact circumstance which raises the previously mentioned Catastrophic Failure error message. I know iTunes dearly loves to play music, but is it really that much of a catastrophe if it has no tracks to play?

Long time readers of this blog (there have been rumors, but I'm still not convinced they're out there) may remember back in october when I gave this cool TiddlyWiki thing a CSS makeover. Since then, TiddlyWiki has become at least twice as awesome, but not much prettier. My friend Matt stumbled across TiddlyWiki last week, and I showed him the re-style I did of the original version. He got enthused about it, and wrote the new CSS code to give the new version a similar look, which was no small task. We then went back and forth a bit, did some more changes, and ended up with a very nice final product.

Since I am inherently lazy, I shall direct you to Matt's post about it now so that you can read all about it ;)

OK, I got a little obsessed with this idea, and I've updated the original password bookmarklet to include added awesomeness(tm).

Now, instead of a Javascript prompt, it creates a floating HTML element in the current window. With this implementation you can finally type in your master password without it being displayed in clear text (it's just like a regular password box).
You can also edit the subdomain it uses if you need to, but this is as unobtrusive and as easy as possible.

Essentially, this script is now as awesome as I'm gonna make it. So use it! Drag it to your bookmarks bar to store it as a bookmarklet, or just click it to see what it does. Go on, you know you want to!

Password Generator

By the way, please leave a comment and tell me weather it works on non-firefox browsers (namely Safari and Opera). I'm aware that it won't wotk in IE due to bookmark length limitations, but that's beyond my control...

Update: Since it doesn't work in IE, I've put up a page that works in IE. It's a good idea to save this page to disk so you'll never be without it if my site goes down...

It's simple common sense that using a unique password for every site you sign up to decreases the severity of someone discovering your password (it'll only work on one site). Yet hardly anyone does this, because it's so damn hard to remember them all. Sure, you could use some special software that stores all your passwords under a master password, but that's extra effort as well.

Nic Wolff has come up with an amazingly simple, easy and effective solution. Essentially, you take the domain of the website, append your master password, and then use the MD5 Hash of this string as your password.
For the non-technical among us, suffice to say that the resulting password is almost always unique for each domain, and contains no trace of your original master password...

If you're still not following, have a gander over here for a narrated visual run-through of the process.

Through the wonder of modern browsers (sorry IE users ;)), you can have the entire code for this in a javascript bookmarklet. Simply click it, enter your master password, and it'll generate the corresponding password for the domain you're currently visiting. I've made a couple of small changes to the bookmarklet that Nic provided, as follows:

• It doesn't fill in text boxes called "password", only real password fields. This just seems a bit safer to me.
• If no password field is found, it shows you the result in a prompt (so you can copy it manually).
• It shows you the domain it's using
• In the second version, you can specify the domain (for if the login page is on a different domain to the signup page).

Not terribly huge improvements, but I felt they were needed in some cases. Actually, the hardest part was turning the javascript into a bookmarklet. Damn escape sequences :/

Drag either of the below two links to your bookmark bar to save it as a bookmarklet, or just click it for a demonstration of what it does:

• Password Generator
• Password Generator (Specify Domain)

Update: I've improved this script a whole heap and posted it here. It hides the password (just like a regular password input box), and is much nicer in general. It doesn't seem to work in Safari yet, which is why I've left these versions up.