Trust the Administrators

Whenever some developer or project manager tells me that a software application does not have to provide bulletproof validation for administrators because they’re not as dumb as normal users, I pause a moment to reflect upon administrator genius:

trumwill: Over the weekend the company changed everything on the network. They sent out an email with our new network passwords.

morequen: Wait, they sent out *an* email?

morequen: with everyone’s password?

trumwill: Everyone’s password being the same, yes. They advised us to create a new one.

morequen: wow

trumwill: Which would be possible if we could, you know, log in to see the email. Which of course we couldn’t because our passwords didn’t work.

Administrators are just users put in charge of other users. Smarter? Maybe sometimes. But software shouldn’t be written as though its users are Steven Hawking, because sometimes those presumed genius-level administrators are nothing but users tasked with administrative responsibilities.

(Link seen on Dustbury.)