Click here for an interesting post on the power of using “click here”.

Inc.com has a good analysis of two sites that were modified to improve conversion rates. And here’s an account of a popular online store that has gone brick-and-mortar.

Arstechnica looks at what happened to Urchin after it was bought out by Google.

It’s a follow up to their earlier report on the same subject. There’s a link to that within the article. Definitely worth reading.

And speaking of passwords, we get to see a lot of, er, interesting ones. Although many banks and other sites have instituted frustrating login systems, forcing you to change your password frequently, use a mix of numbers, letters and mixed case, remember a bunch of security questions and the like, there is a good middle ground for your own site and store passwords. Don’t use any of the most obvious passwords, your sitename for both the login and password, and, if you’re generating a password for temporary use, don’t use “temp” “support” or, one of the best that I’ve seen–login: “help”, password: “me”. Personally, I don’t like the auto-generated OpenUI passwords either, as they have the same format, only changing a few digits. And, of course, regardless of the quality of your password, you shouldn’t be storing credit card numbers on the server. A defaced site can be fixed, losing your customers’ card numbers cannot.

1. Jen from Hostasaurus describes an incident where her gmail account was improperly accessed for use with Google checkout
2. BoingBoing gives an account of Astroglide exposing their customers, er, preferences by putting confidential information in web accessible directories. The wonderfully named Homeland Stupidity has more details. Needless to say, it’s never a good idea to store data in a public area.
3. BoingBoing also covers an issue where online buyers are slipping orders past unwary online stores using some address trickery. You might want to make your shipping department aware of this one.