Our blog

The best worst passwords of 2015

One of my favourite parts of the new year is the best/worst lists of all the things that happened in the previous year. When it comes to passwords, the list definitely falls under “worst.”

A simple Google search for “2015 top passwords” returns a long list of blog articles like this one. From that article, here’s a sampling from the top of the list:

  1. 123456
  2. password
  3. 12345678
  4. qwerty
  5. 12345
  6. 123456789

With cybersecurity becoming a regular topic in the news, it truly surprises me that ‘123456’ is still being used by anyone, anywhere.  Not only is a short password easy for a computer to guess by just working its way through all the possible combinations, but common passwords like ‘qwerty’ and ‘pa$$word’ are compiled into lists that hackers can use effortlessly, guessing thousands of passwords without breaking a sweat.  If you’re using a common or easy-to-remember password, there’s a very good chance it’s on one of those guess-lists.

Back in 2013 I wrote an entry on password strength which urged people to use a password manager.  More recently I wrote another one on my personal blog saying the same things all over again. If you haven’t guessed it yet, that’s also what this post is about.  

Why am I repeating myself? Because 123456 is still the #1 password out there!!

You might be thinking to yourself, “I’ll never be targeted. I’m not important enough, or well-known enough for someone to bother.”  You’re wrong.  Computers are amazing things. Imagine thousands, hundreds of thousands of computers with nothing better to do all day than wander around the internet trying combinations of emails and passwords. If they are lucky enough to find a combination that works somewhere, that’s noted and then that combination is tried everywhere — this is the key reason to use a unique password for every online service you use.

Interested in finding out if your email address (and maybe related password) were ever involved in a breach? Check out this site: haveibeenpwned.com (unaffiliated with Wave). 

You need a strong, unique passwords for every site you register with — one that’s tricky to remember. (If you can remember it, there’s a really good chance a computer can guess it.)

For every site? Yes — a different password for each of them.  Even sites containing non-sensitive data should be protected, because they are part of your online profile. With enough ‘trivial’ data about you, from a variety of sites, bad actors can begin to put together a reasonable picture of “you”. With those details, and through social engineering, it becomes easier to gain access to bigger, more important sites.  Here’s a great example of what I’m talking about: A well-known security researcher had his Paypal account compromised with no “hacking” involved.

Is this scary? Yup. But being scary doesn’t make it untrue. This is the state of things in the world today.

Is it avoidable? You bet! With good password practices.

Enter the world of password management software and services.  KeePass, 1Password, LastPass, etc. — a Google search for “password manager” will return loads of results. Read the reviews, check out the features, and pick one that works for you.  Make full use of it — generate passwords with lots of complexity (special characters, numbers, mixed case) and plenty of length (I use at least 32 characters).  Don’t worry: This doesn’t make it harder for you to log in. Quite the opposite! Once you get used to using these tools, a simple keystroke or button click and you’re logged into your favorite sites. Better passwords AND faster logins. Double win!

Hopefully you’re already using a password manager and your passwords are amazing. If not, I hope I’ve convinced you.  See you again next year, and I bet 123456 is still top of the list, but hopefully not related to any accounts you own.

—Brian Masson, Wave's Information Security Officer

Continue reading

Supporting women in startups and tech

Encouraging women to join startups and to build careers in technology, engineering and sciences is not a new challenge.

Just like the men we hire, the women on the Wave team have been hired because they are very good at what they do. However, in the tech sector and in startups specifically, gender diversity isn't something that will happen by itself. At Wave, we're paying specific attention to this issue and we’re proud to be pioneering programs to be part of the solution.

We've begun a Women@Wave program to provide a forum for the discussion and exploration of topics specific to women in technology companies, as well as mentorship programs and role models for our “up and coming” women leaders in all areas of our company.

The challenge in hiring a gender-diverse team extends outside our walls, too: There simply aren't as many women pursuing careers in software development, engineering and in the technology sector, as there are men. To that end, we're thrilled to be supporting PyLadies, a local meetup that teaches aspiring female software developers the basics of Python, the programming language on which most of Wave is built.

PyLadies meetup at WaveHQ

Interested in getting started as a Python developer? Join PyLadies at Wave headquarters at 6:30 p.m. on Tuesday, January 26. Meet some of Wave's developers and learn how to get started with this powerful programming language.

Maybe you've already progressed beyond the beginner stage with Python. Great! Send us your resume or let us know if you'd like to stay in touch so we can invite you to an upcoming open house, where you can meet the team and check out Wave HQ for yourself.

—Ashira Gobrin, VP People & Culture, Wave

Continue reading

Why experienced business owners always have an open credit line

This sponsored post is provided by Bluevine.

Many first-time business owners think about cash flow only when their cash reserves are low. Drake, founder and CEO of a digital marketing agency, didn’t find a funding option until after he already felt the consequences of lumpy cash flow. He watched his cash spike when a client paid, and then dwindle down while he waited on the next client to pay their invoice.

“I have good clients. They all pay,” said Drake. But the lumpy cash flow issue was a problem: “I was having to tell employees, ‘I’m sorry, but I have to delay your paycheck.’ I was constantly watching my mail for the next check, which was a huge stress.” Then Drake found a way to get advances on those invoices to get cash when he needed it. “The stress was 90% cut,” he said.

Shegar, who was a regional manager for a big retailer prior to being a business owner, took a different approach for his security business. He went searching for a credit line while his business was still healthy and he still had cash in the bank. Why? “Even if I don’t need it now, I will always have a reserve. It’s worth it, even if you have to pay a little interest.”

This paid off when he found a big potential client who wanted his security services — starting the next day. Thanks to his available credit line, Shegar was able to front the $20,000 to pay the security guards before the invoices started getting paid by the client and cash started coming in.

Experienced business owners know three things:

  1. A business owner’s time is better spent growing and managing the business, not fixing cash a flow crisis. Having a credit line gives you breathing room so you can focus on your important business operations instead of watching every cash flow dip — and so you can sleep better at night.
  2. A loan or advance is almost always cheaper than delaying payroll or turning down business. A new business owner focuses on the cost of financing; an experienced owner knows that the hit to morale from delaying payroll or the lost profit from passing on a new client are both more expensive than the short-term cost of financing.
  3. Shopping during a crisis makes you easy prey for shady financiers. Many short-term financing vendors couple long-term contracts with hidden fees to lure in clients who don’t have time to do good research. Look for a credit line when thing are good and you have time to do your research.

Experienced business owners know to expect the unexpected. Having an available credit line, even if rarely used, is a key tool when that unexpected cash flow dip happens.

Continue reading

Invoicing Just Got Better

We heard your feedback, and just in time to start the new year we've created a simple and streamlined way to view, send, and manage your invoices.

Now, from a single page, you can:

  • see when the invoice was viewed by your client
  • find out when and how your invoice was paid, and send a receipt
  • send or re-send your invoice (now with live preview)
  • quickly create another invoice
  • see your invoice status at a glance

...and more.

New Invoice Software

Invoice templates get a makeover

We’ve updated our invoice templates! These 3 new designs make better use of your customizable accent color, to really show off your brand. All the new templates were professionally designed to make your invoices easier to read and understand, so your clients can pay you faster.

new invoice templates from Wave

These new templates replace what you’ve used in the past. Your template will be upgraded automatically to the new "Contemporary" template. You can change templates, along with your accent color, in the Invoice Customization settings.

These improvements are available now in your Wave account. Create an invoice to see for yourself.

That’s not all! We're working on even more improvements. Coming soon: an easier, faster and more customizable way to create invoices.

Thanks, and on behalf of the Wave team, Happy New Year!

Rahim Damji
Invoicing Product Manager

Continue reading

Speed, better bank connections and more

A message from our CEO, Kirk Simpson:

As we approach the end of the year, we wanted to give you a few little gifts to make you smile.

Let's start with speed.

Simply put, nobody likes pages that take a long time to load. So we've made a bunch of improvements to Wave — from added horsepower on our servers, to reprogramming how certain pages function. The result: A huge boost to speed.

On the Dashboard, some customers will see page load times cut by 50%.

On the Transactions screen it's even better. Time lag for verifying transactions has been cut by 95% — and in some cases, even more!

This is just the start. We will continue to maximize performance through every page in the application, so that we can get you back to doing the things you love.

As well, we recently improved how bank connection problems are managed. If Wave encounters an error importing transactions from your bank or credit card accounts, there are now better notifications and processes about what needs to be done to get things up and running again. We know that connecting your bank account is one of Wave's great time-saving features, and we want to ensure you get maximum benefit out of it.

Looking toward 2016...

These improvements are a nice way of capping off the work the team has done this year. In 2015 we're proud to have delivered more than 1,000 changes and improvements — some big, some small — that make invoicing and payments, accounting and payroll even better.

As I told you a month ago, we have big plans for the coming year. We've already launched tests for new accounting and invoicing features, involving more than 10,000 customers.

Though we keep a lot of the details under our hat until things are ready to launch, I can say that we expect several invoicing improvements to roll out in early January, including a new set of invoice templates. The templates, and the emails that deliver the invoices, were professionally designed not just to look good, but to get your customers to pay you faster.

As we move into 2016, I want to thank you for your ongoing support of Wave. When we hear that Wave is making you more successful with your business, it drives us to work even harder to help you achieve your dreams. We're looking forward to doing more for you in the coming year.

From the whole Wave family to you and yours, I wish you a safe, peaceful and happy holiday season.


Kirk Simpson
CEO, Wave

Continue reading