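If this is your first time reading this series, please head over to Day 1 – How to Start? How It Works and Self-Introduction Practice first!
The team is preparing to launch the first version of the login feature. The PM says "username and password login" is all we need, but colleagues have started discussing whether to use session cookies or JWT, whether to hash passwords with bcrypt or Argon2, and whether to add two-step verification up front. You often get stuck on how to clearly express your position and the trade-offs.
Today's goal: be able to state a technical preference in simple English, point out the trade-offs between security and maintainability, and give actionable recommendations.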
[Config]
- Day: Day11 – Tech Discussion
- Scenario: Team discussion to design a simple login system for a web app (MVP). Focus on choosing between session cookies vs JWT, password hashing (bcrypt/Argon2), basic safeguards (rate limiting, lockout, generic error messages), optional MFA later, and pragmatic trade-offs (security, maintainability, time-to-ship). If mobile or cross-domain APIs are out of scope for v1, say so and propose a phased plan.
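Think it over:
Then write down your keywords.
My keywords:
Remember to record the conversation and listen to it once yourself, thinking about what sounds unnatural and what needs adjusting.
Lifesaver phrase: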
Let’s keep the first version simple.
Buying time to think:
Give me a second to weigh the trade-offs.
Stating the goal / scope
For the first release, we only need basic login and logout.
Our scope is MVP: email/password, reset flow later.
Expressing a preference (Session vs JWT)
I prefer session cookies for server-side control and revocation.
JWT suits stateless APIs, but sessions are simpler for web-only.
Security considerations (password hashing / basic safeguards)
We should use bcrypt/Argon2 and enforce a lockout policy.
Let’s add rate limiting and avoid detailed error messages.
Agreeing + a small addition
I agree, and we can phase in MFA later.
That works; let’s start small and monitor.
Reservations / pointing out risks
I see the benefit, but it increases maintenance cost.
I’m not sure it’s necessary for MVP due to the timeline.
Proposing alternatives
Alternatively, we can store sessions in Redis for scalability.
Another option is to start with sessions and evaluate JWT when we add mobile.
Comparing trade-offs (performance / maintenance / security)
The trade-off is faster iteration vs. long-term flexibility.
This improves security, but it adds complexity to the first release.
Decision and next steps
If we agree, I’ll draft the checklist and implementation plan.
Let’s decide today and start a small spike this week.
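When I went to an interview today, I found that the interview answer structure I had practiced over the past few days helped me a lot.
It was not just the English; I could also express my line of thinking well, so I got a lot out of it.
Throughout today's practice I kept thinking about how to actually practice technical discussion,
and I think I may have to wait for the final, ultimate RD partner prompt before I can properly practice discussions in different scenarios.
Today I still couldn't quite get the hang of where to put the stress, especially in questions with a British accent.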
Per-turn Corrections:
You said, “Maybe we can just focus on some like our goal.”
Recast: “You mean: Maybe we can just focus on our main goal first.”
Alternative: “Let’s concentrate on the main goal first.”
You asked, “Do we have any release schedule?”
Recast: “You mean: Do we have any release schedule?”
Alternative: “Is there a timeline for release?”
You asked, “Do we need any MFA like OTP token or cookies?”
Recast: “You mean: Do we need any MFA like OTP tokens or cookies?”
Alternative: “Should we add MFA like OTP or cookies?”
Top 3 Patterns:
Clarification of Questions: Often you need a simpler rephrase. Mnemonic: “Keep it short and clear, then it’s easier to hear.”
Plural Forms: Sometimes you missed plurals like “tokens.” Rule: If it’s more than one, add an ‘s’ for fun!
Polished Requests: Politeness helps. Tip: Start with “Could you” or “Can we” to sound smooth.
Phrase Pack:
“Let’s focus on the main goal first.”
“Do we have any release schedule?”
“Should we add MFA later?”
“Can you define the scope of the MVP?”
“We’ll keep mobile out of scope for now.”
Intonation Tip:
Try emphasizing the key word in your question. For example, “Do we have any release schedule?” This helps the listener focus.
Fluency & Pronunciation Notes:
Your pacing is good; just keep sentences short.
You repeated corrections well—nice job!
Watch out for singular versus plural forms.
Intonation improves when you stress the main word.
Overall, you’re clear and easy to understand.
Key Focus for Next Time:
Practice short, clear questions (2–3 minute drill).
Work on plural endings (just add ‘s’ or ‘es’).
Use one-minute shadowing to repeat model sentences with good intonation.