If you’re a fan of the Google Webmater Help Youtube Channel you’ve probably noticed that Matt Cutts has been answering a lot of questions from “Ryan in Dearborn, MI.” To those of you wondering, yes I am that Ryan.

I don’t know Matt at all. I’ve never met him and probably never will – but after watching his first round of videos I realized that “spamming” the questions could be pretty useful. Actually, spamming isn’t the word. Perhaps “seeding” is more appropriate.

I submitted about 10 questions to the latest grab bag, and so far Matt has answered 3 of them. (He’s actually answered about 5 or 6, but just chose a version submitted by somebody else.)

So what was the opportunity I saw? It wasn’t to get Matt to teach me about SEO (my goal is always to experiment and learn based on data) and it wasn’t simply to get my name out there either. I work at an agency, so there’s really no value in me building up a personal brand.

The reason I asked several of my questions was so that I can have somewhere to point people to when they start spouting off about some of the crazy myths they believe about SEO but haven’t put any effort or time into actually testing.

Remember when Matt talked about how load speed could be a factor in ranking and tons of SEOs obsessed about making their pages faster instead of more relevant? That’s why I’m glad he answered a speed question.

One of the biggest problems in our industry is that so many SEOs out there simply don’t test or do research. They lurk in forums and blogs reading all kinds of unsubstantiated theories hoping to find that hidden secret that will vault them to the top of Google without having to actually build a more relevant site. It’s these people that need to watch the Cutts videos.

That’s why I asked questions about putting ® and © symbols into Title tags and text:

That’s also why I asked some snarky questions too – and it looks like even Matt couldn’t resist taking some subtle jabs at the SEO community:

While the stated goal of webmaster help is to help webmasters, it’s my view that it can also help to correct SEOs about many of the myths that they’re still spreading.

I’m cleaning out my domain portfolio and am going to get rid of the following domains. If you want one, make me an offer and I’ll transfer it to your GoDaddy account for free. I’m willing to let these go for mere pennies.

BurgerTales.com (was going to be a fast food blog)
CMSbasic.com (we could all use a basic CMS right?)
DontSayLike.com (has a site on it, you can have that too)
Downlifted.com (this term was coined by the freakonomics blog)
Downlifting.com
IHateDNS.com (don’t we all?)
SemanticSelf.com
URLfax.com (a fax service?)
WarcraftScrubs.com (good for making fun of WoW players)
Yugamu.com (means to warp, or be crooked in Japanese)

If you want any of these, they’re yours for $10 OBO Get at me in the comments or on Twitter.

A few years ago while working with openID and hcard at identity.net I wrote a blog post called who supports hcard. In that post I talk about how (just like with openID) everybody wants to be a provider, but nobody wants to accept my hcard when I signup for their service.

According to this list from microformats.org that looks to still be the case. Well over 50 different sites all provide hcard support, but only 4 of them will actually take my hcard information instead of making me re-type it all when I sign up. That’s just sad.

Creating an hcard is easy. Just head on over to microformats and learn the syntax. It’s almost as simple as copying and pasting some span tags around your current content. It took me about 5 minutes to turn RyanMJones.com into a valid hcard.

Reading an hcard is even easier. In PHP it can be done in 4 lines of code. here’s the code. Go try it out.

Hcards and microformats have the potential to both simplify and revolutionize the internet as we know it, but only if people are willing to support both sides; and then take it a little further.

I long for the day when I can simply update my personal website’s hcard and then Twitter, Facebook, Google, Linkedin, and everybody else will see the change and update accordingly. That’s where the true power of the hcard comes into play – yet nobody is willing to step up and harness that power.

But that’s just one of several types of microformats. There’s practically a microformat for everything; and that’s where things get interesting.

I envision an internet in the not so distant future that takes microformats to the next level and applies them to the existing information flow of the internet. Instead of a microformat applied to text, what if I could apply a microformat to a feed?

We have FOAF where I can list friends as I mention them, but what if I could tag my entire list of facebook friends and have it pulled into other applications?

Tons of applications already give me feeds, what if I could do a whateverCard that aggregated all of those feeds into one type of “RyanCard”

Using this new format I could take my picture (gravatar) what I’m doing (twitter) What I’m buying (blippy) what I’m working on (yammer) my friends (facebook) where I’m at (foursquare) my personal information (hcard) employment history (linkedin) and the rest with me wherever I went.

Give me one site that can read microformats and pull all of that data in… then keep it tagged so that other sites can use it.

Or, better yet, give me one site that I can update with all of that information at once and then it will know where to post all of that information.

That’s the future of microformats – but only if the major players in the space are willing to look beyond just offering them and start accepting them as well.

Continuing in the spirit of my post on Why Twitter Bots Are Effective I was doing some prep work for a future presentation and decided to run a few tests.

I got to playing around with a twitter adder called HummingBird and wanted to see how many people blindly follow me back.

I created a new twitter account, uploaded a picture, posted some random crap about SEO that I stole from other people’s accounts and set up the bot.

I told it to auto follow anybody who mentioned “seo”, had over 100 followers, was following over 50 people, had more than 50 tweets, and didn’t have a default image. (I was trying to avoid following bots, and I think it did a pretty good job.)

I let it run for an hour – from about 4 to 5pm. During that time it followed roughly 112 people.

When I woke up in the morning, my Gmail account looked like a mass mail from Twitter. 72 SEOs blindly followed it back!

That’s an astounding 64%! That got me wondering if it was just SEOs, so I did the same thing for they keyword “hockey” and out of around 100 people, I got about 30 followers.

That tells me a few things:

• Twitter bots are still extremely effective
• SEO people blindly follow at a much higher rate than the rest of twitter.
• And most of you still totally over-value Twitter followers

It kind of makes me sad but it does explain why there seems to be so many bots on Twitter; they work!

Oh yeah, don’t forget to Follow me on twitter!

I wrote the following post over a year ago for identity.net – but since that blog no longer exists, I want to re-post it here.

One of the most common ways to “hack” into somebody’s account actually doesn’t involve hacking at all. The easiest method is simply to learn some information about them and then use the “forgot username” and “forgot password” features that many sites now offer.

Implemented wrongly, these features can actually be a very big security liability. The right way to do it is to ask the question, then send an email with password reset instructions (but not the actual password). The wrong way is to validate the user and then simply tell them their password.

Why? Because most security questions are very common and easy to figure out – so if I know a little bit about you, I can easily answer them.

What makes a good security question? It’s not just about scarce information, it’s about non-public information.

Some of the most common questions are “What is your high school mascot?” “What city were you born in?” “What’s your favorite pet’s name?” “What was your first street name?” “What was your first phone number?” and “What is your company’s street name?”

The problem with these questions is that they’re all easily answered on my Facebook page. Birth information is public record – it can easily be looked up. So can my previous addresses, phone number, and where I work. It’s all out there somewhere on the internet.

Better questions are things like “What is your frequent flyer number?” or “what are the last 4 digits of your credit card number?” But even these fail. Many people other than me know my FF number, including my secretary, airline attendants, and TSA employees. The last 4 of your credit card won’t work either since many sites list it as a way to identify transactions.

So what do you do? Simple: Let the user choose their own question.

A good questions should be something that can’t be guessed or looked up, doesn’t change over time, and is easily memorable.

As a user, you should choose something that nobody can easily figure out. My favorite question is “What is your favorite Prime Number?” Another great one I use is something like “Last 3 words on page 15.” It’s useless to you unless you know what book I’m talking about. You could even use a bible here, since there are so many versions in print that it’s almost impossible somebody else will have the same one as you. Another one I once used was “What’s my cell phone serial number?” It’s clearly printed on the back of my phone, and always in my pocket if I should need it. (Just remember to update your question if you get a new cell phone!)

Whether you’re implementing this feature on a website, or simply choosing your own security question – don’t pick something that others can easily guess or look up about you.