Backyard Landscaping: Garden Retaining Wall

We had neglected our backyard long enough. It was time to do some landscaping. The first project was to build a short but long retaining wall along our back fence. The neighbors plot behind us is a couple of feet higher than ours. The fence splits the difference with the bottom acting as a retaining wall of sorts. But it was time to address this head on with something that looked good.

To save money we decided to DIY. I also knew this wasn’t going to be an easy job. Even though the wall is only around two feet tall, it is over 75 feet long. That’s a lot of dirt and materials. Plus we wanted something that looked substantial — so the block size would be large. This was going to be physically taxing, but with some help and wise pacing it was doable!



Our pile of Allen Block

The first decision: what materials to use? After some research we decided on Calstone Allen Block Classic. It had the large form factor we wanted, looked good, and Calstone is a local company — so availability was excellent in our area. The “Classic” was also cheaper than their tumbled “Europa”, and we liked the look.

Note that the largest block sizes were 60 to 65 pounds. This is a consideration when you do projects like this. Your going to be carrying those blocks all day long. Clearly I was going to need help. Thankfully my wife and son pitched in.


Base rock and gravel

In addition to the blocks themselves we needed baserock for the wall’s footing and gravel for filling the blocks. Plus a bag of sand to help with leveling blocks. Your block supplier should be able to help you with estimating the amount of materials you will need for your project. Also your block manufacturer should have installation instructions (Calstone has a pretty thorough installation guide).

And of course all this stuff had to be moved into the backyard. We borrowed a friend’s hand truck to move the blocks, and an extra wheelbarrow helped for the gravel and base rock.



Digging tools. The digging bar and soaker hose were very helpful.

Large landscaping projects require lots of water, sunscreen and advil!

Water, sunscreen and ibuprofen are key to a successful landscaping project.

No sophisticated tools here. Most of this job is digging, shoveling, leveling, compacting and hauling. I did need to cut some blocks for a  curved area at the end of the wall — for that I improvised with my circular saw, a masonry blade and the garden hose. You’ll also need some string and stakes for doing layout and I made a depth gauge that I’ll discuss later. And don’t forget lots of water, sunscreen and ibuprofen!



Test wall and soaker hose

The first thing we did was to decide on our layout — since that affects everything else. We decided we wanted the wall 20″ tall (including the top caps). We wanted the face of the wall to be 44″ from the fence which left a 32″ bed. For our blocks that meant a two course pattern plus the 4″ top cap plus the wall footing. For our wall we went with 4″ of baserock plus the 4″ AB Lite stone for the footing. That means we had to dig a trench ~8″ below grade for the wall footing.

We built a small section of test wall to make sure things were working out as we expected. In the picture on the right you see the section of test wall. This helped us visual what the completed project would look like and also confirmed the height was what we wanted.

Once this was confirmed we used stakes and string to set a line that represented the face of the wall. Down at the far end of the wall I used a garden hose to layout my curve. I then sprayed along the line with landscape marking paint to outline where we needed to dig. Then the trenching commenced!


Most of the DIY articles just say: dig a trench. Well, to dig the trench requires doing a few key things:

  1. Dig the trench in a straight line
  2. Dig the trench the proper depth
  3. (Possibly) dig the trench through hard soil

The first was easy. As I said during layout I used landscaping string to layout the line for the face of the wall and outlined it with marking paint.


My son using the depth gauge to check depth. Looks good!

The second wasn’t as easy. The ground isn’t perfectly level, so how far down do you dig? What is your reference point? To solve this I made a depth gauge out of a piece of PVC pipe and an old 2×4. I set a line along the fence that represented the top of the wall (using string and a bubble level — I marked the fence posts where the top of the wall would lie).


Trenching complete! Test wall in foreground.

We then temporarily screwed a 1×2 on the fence with the top of the board aligned with this line. The depth gauge rested on the 1×2 with the PVC pipe set to be the height of the wall plus the 8″ we needed for the wall foundation. When the depth gauge was level, the trench was the correct depth. Hopefully the picture above helps to clarify this.

To help dig through the hard soil we used the power of water. I bought a soaker hose and snaked this back and forth along each section to dig and we let it run for a couple of hours. We repeated this as needed, and it was a huge help. After soaking we used a lawn edging spade (red handled tool in photo in Tools section) to create a clean line along the face of the trench and then a digging bar and pick axe to break up the soil. Then a square nosed shovel to dig out the dirt. Periodically we’d check the depth with the depth gauge. We continued this until we had our trench! The photo on the right shows the finished trench along with our test wall in the foreground. You can just see the curve at the far end of the wall.



Grading stakes


Laying baserock. Tamping tool in foreground.

Next step was to building the footing, or foundation, for the wall. Your requirements will vary depending on the product you are using and the height of the wall. See the recommendations from your manufacturer. For our 20″ wall we put down 4″ of base rock, and then a course of 4″ blocks. This is a critical part of the project. You want that baserock and first course of block to be nice and level.

To help with this I hammered in some grading stakes, the tops of which were 4″ above the ground. I used a long level to make sure I was level from stake to stake. Then we filled with base rock in multiple passes, compacting in between with a hand tamper. When we got to the top of the grading stakes we pulled out the stakes, filled the holes and checked for low and high spots using a long level.


Laying first course. That kneeler was indispensable, and the deck would get torn out the following summer.

After the base rock went down it was time to lay the first course of block. This is a critical step as that first course determines how well the wall will turn out. So it needs to be straight and level! I laid a string line to line up the backs of the blocks, then used the level and sand to make sure the blocks were level. You can see this in the picture to the right. And a rubber mallet helped to get things seated or to nudge a block one way or the other.  And of course it is always nice to have a Cavalier Spaniel helping out.


Tucker the cavalier helping to move blocks

The Wall


Standard Allan Block two course pattern.

Once the foundation is down the fun part starts. Building the wall! For this phase you just stack the blocks according to the pattern you chose from your manufacture. In the case of our blocks we had to fill the voids in the blocks with gravel. So we’d stack some blocks, then fill. As you stack the blocks check for rocking. Even if you got your foundation course nice and level, there are imperfections in the blocks themselves. Use sand to fill low spots and help keep the blocks from wobbling.

The curved section of the wall was a little more difficult. The problem is as the wall goes up it offsets back a bit, which changes the radius of the wall which means things start not to fit as well. This meant a lot of fiddle and some trimming with a saw. I don’t have a photo of it, but I rigged up some PVC pipe and the garden hose to provide a trickle of water that allowed me to use my circular saw as a wet saw (with a masonary blade). In hindsight I just should have rented a brick saw. So if you are doing a curve you will be cutting block (especially the top caps) so rent a brick saw!

Pace Yourself

One thing to keep in mind when doing a large project is to pace yourself. This took us multiple weekends over a summer. The work is physically demanding, and when you get tired is when you start getting sloppy and make mistakes. We would start early in the morning, then knock off by mid afternoon — and took plenty of breaks.

But it was worth it! We saved thousands of dollars and have tremendous satisfaction that we did the job ourselves.

The Final Product

Here’s a shot of the final product a year later. You’ll notice we tore out the deck and laid a patio (the topic for a future blog post). It was a lot of hard work, but it came out great!


Using a Password Manager: I did it. So can you.

With the recent disclosure of ShellShock, a serious security vulnerability that likely impacts many web sites on the internet, we are once again reminded that the internet is a fragile place. The bug exploited in ShellShock is likely decades old. Face it. software is buggy, and it will always be buggy. The internet will never be 100% safe. And other than choosing not to use it, we have little control over it.

But there is one area we do control. And that’s our passwords. You have to assume that there is a real chance that one of the online services you use will be compromised. A common target of compromised web sites is the password database. And even though any legitimate website will encrypt (or hash) that data, that does not stop crackers if either the encryption or your choice of password is weak. And what if your username on a compromised site is your e-mail address? And what if your e-mail password is the same as the one that was compromised? Then the cracker has the family jewels, because once you hack somebody’s e-mail you are well on your way to resetting passwords on other sites.

So the number one defense is good password practices. And that means:

  1. Using unique passwords on different web sites (especially critical ones like banking, e-mail, etc)
  2. Using strong passwords. And these days that means a combination of length and randomness.
  3. Change them periodically

And we know that no human can do this without some help. You need a password manager.

Like many, I had objections to the thought of relying on a password manager…

But I Have A Scheme!

Before adopting a password manager I had a scheme. And most “smart” people I know have a scheme. They have a couple of tiers of passwords (one for e-mail, one for banking sites, one for social media, etc) that they base on some nonsense words and throw in some punctuation and numbers. That’s much better than many folks. But the fight against password crackers is an arms race, and our only weapon is length and randomness. So odds are your scheme isn’t good enough. At least not for your critical sites.

That’s what I finally decided after I read that a Russian hacking ring had 1.2 billion username/passwords. And even if many of those accounts are old and previously compromised, it was still sobering.

But It Will Complicate My Life!

I had resisted adopting a password manager because I was sure it would make my life more complicated. It is another piece of software to deal with, and what happens if I’m stranded on a desert island and a notebook computer washes up on the beach and I want to log into g-mail and I have internet but not my password manager? I’m much better off in that case if I memorized my password!

But then I realized I had already been using a password manager. A cruddy one. The one built into the browser (that saves passwords for you). I realized this when I borrowed my wife’s iPad to check my email while on vacation. I realized I had forgotten my password. My scheme had broken down.  My password was stored (in browser data) on devices not with me. I had all the downside of using a password manager (depending on it), without the upsides of a good one (security and ubiquity).

So my life was already complicated. And maybe a good password manager would make it simpler.

But I Already Use a Password Manager (sort of)

As I said above, I was using a manager of passwords of sorts already. Many folks are already using some form of ad-hoc password manager.

For example some people write-down passwords in a little book and store that at home. This is actually not that bad — assuming this enables you to use strong passwords and you don’t carry that book in your laptop bag!  But it is not necessarily convenient, nor ubiquitous.

Others use the browser’s “save my password” capability. Again, not too bad as long as you are encrypting those with a master password (which many folks don’t do).

And others might use something like Apple’s iCloud Keychain or FireFox Sync.

But many of these solutions have shortcomings or limitations. The most common limitation is lack of ubiquity. I want my passwords available on all my devices, regardless of platform, and on any browser. I would also prefer that my passwords be managed by software whose only job is to securely manage my passwords and by a company whose entire business is based on helping me securely manage my data.

So I Took The Plunge

So I decided to take the plunge. But which one? There are a number of options.

I decided to limit my choices to the two most popular: LastPass and 1Password. My plan was to try one for a couple weeks, and then the other. I picked 1Password first because, believe it or not, I liked their video. And after a week I was hooked, and never got around to trying LastPass. What I like about 1Password:

  1. Their engineering effort is focused on making their password repository (they call it a vault) impenetrable. They assume the worst — that bad guys are going to some how get a hold of your vault. And they have engineered the encryption so that If you pick a strong master password, then a 1Password vault is practically uncrackable (everything is theoretically crackable given enough time, horsepower and luck).
  2. They do not provide a web service. Unlike LastPass, 1Password is not a service. It interacts directly with the vault on your local system. You are guaranteed that your password and keys never go to a 1Password server, because there are no 1Password servers. Because of this they have reduced their attack surface area, which means they have been able to avoid an entire category of attacks. It also makes the system easy to understand. Update: 1Password now offers the 1Password for Families and 1Password for Teams services, which are hosted services.
  3. You choose how to synch your vault between multiple devices. You can do it by manually copying files around, or by local synch over wifi, or by DropBox or iCloud. Your choice. You are not forced to use a 1Password service for this, because there is none!
  4. You can store any useful info you want in your vault. Not just passwords. Bank account info, social security numbers, pins to ATM cards, etc. You can even attach files — for example I have scans of our passports stored in the vault. It provides a secure, convenient place to store import information.
  5. Ubiquity. I have access to my vault on all my devices. I never have to worry about forgetting a password. When signing up  for a new service I don’t have that extra burden of deciding what password to use and how to remember it. I also have access to other info I keep in the vault.
  6. Their website and blogs have great information provided in a simple, transparent, easy to understand fashion.

That said, I have also heard many good things abut LastPass. While they did have a vulnerability (and to be fair 1Password  had a design flaw) it was fixed almost immediately. They also have some interesting features, like the ability to share accounts while keeping the password hidden.

The point of this post is not to sell folks on 1Password, but on using a password manager, and to share my experiences.

But What About All Your Eggs in One Basket?

Yes, this is a concern. If all my secrets are in my vault, then I’m screwed if somebody cracks my vault. Some thoughts on that:

  1. Pick a strong basket. I am trusting AgileBits (makers of 1Password) to make a strong vault. I have given them that trust based on research I’ve done, their clear and transparent documentation/blogs, and the fact that the survival of their company solely depends on them providing a safe and secure password store.
  2. Pick a strong master password. This is huge. Adopting any solution is dangerous if you don’t encrypt your data with a strong master password.
  3. The practical dangers of poor password hygiene outweigh the theoretical dangers of using a good password manager. It is far more likely my accounts will be compromised from weak passwords or some other hack than from somebody compromising my vault. It is so much easier to use social engineering or exploit web vulnerabilities (that seem to show up monthly!) than to crack a well encrypted data store.
  4. I have no choice. At this time I don’t see a better solution. We are stuck with passwords (and password managers) — for now at least.

My Adoption

The good things about adopting a password manager is that you can take it a step at a time. You don’t have to change your passwords until you are comfortable using the password manager. Here were the phases of my adoption.

  1. Pick a master password. This is the most important step, and Agile Bits has a good blog posting on it.
  2. Install on my home Mac and import passwords from Firefox. BTW, this import step is cumbersome for 1Password at the moment — I expect they will improve that. I had to install a plugin into Firefox to export my passwords into a comma separated value (CSV) file. Then edit that file to match 1Passwords CSV schema, then use the 1Password import operation to import it.
  3. Use the 1Password app to clean up my stored passwords since there was lots of cruft that had built up over the years.
  4. Install the 1Password browser plugins and experiment with the browser integration.
  5. Turn off my having my browser remember passwords.
  6. So at this point I’m fully using 1Password on one machine. I used it for a few days until I was comfortable with it.
  7. Then I installed it on my laptop and synched the vault.
  8. Erased all “saved passwords” from the browsers I was using.
  9. Then purchased the app for our iPads and iPhones and set that up
  10. Started changing passwords on web sites to be random strings. 1Password has a password generator to help you with that.

And now after using it for over a month I can say I love it. And it has actually simplified my life, not made it more complicated.

Update: One Year Later

We (wife and me) have been using 1Password for over a year now. One of my early concerns was that a password manager would complicate things, but exactly the opposite has happen. A good password manager simplifies your life! How? Let me count the ways:

  1. Never forget a password again. No more racking your brain to remember a password for a little used site. Or going through the hassle of a password reset.
  2. New site? New password? No problem. Signing up or registering at a new site no longer has that extra burden of deciding what password to use. Just generate one with your password manager and it remembers it for you.
  3. Piece of mind. We made sure all of our critical sites now have unique, secure, random passwords.
  4. Securely sharing passwords. My wife and I share a vault. No more coordinating on passwords. If something happens to me she has piece of mind that she knows the location of our accounts and can access them.
  5. Safe place to store information. In addition to passwords we store other sensitive information in our vault. Really handy. No longer wonder where you should write down this type of stuff — just put it in your vault.
  6. Helps recovery when something does go wrong. My wife succumbed to a phising attack and potential exposed one of her passwords. Because we used a password manager, the number of sites where she re-used that password was limited. And with the password manager we could quickly find all sites where she used that password or similar ones (so we could change them). So we were able to recover from this much more easily and more safely than if we had not been use a password manager.
  7. Reduces brain clutter. By taking a task that our brains are bad at (creating and remembering random string of information) and turning it over to software that is much better at it — we have free’d ourselves of mental clutter.