About Computers for Newbies & Everyone Else

October 24, 2017

A Paper That Changed Our World

Filed under: Columns — Tags: , , , , , , , — Ron @ 5:08 am

You know everyone makes mistakes; however, not many make as far reaching a mistake as Bill Burr.  Mr. Burr is the person responsible for the current password guidelines he dispersed and he now says the instruction was wrong.

He authored an eight-page document which was OK’d by the National Institute of Standards and Technology.  He also mentioned that, “…the paper wasn’t based on any real-world password data, but rather a paper written in the 1980s.”   Unfortunately, the document he wrote went on to become the Holy Grail of industries around the world.  It made it so that all businesses, governments, etc.  updated their password policies to coincide with this new information.

Password graphicYou know the spiel if you are in the workforce today.   You should have capital letters, lowercase letters, numbers, symbols, nothing related to your date of birth, children’s names, pets’ names and maybe a few more.  And the one that made me the craziest, you must change your password every 90 days and cannot repeat one within a certain time period.

In a recent interview with The Wall Street Journal Burr was quoted as saying, “Much of what I did I now regret.”   It went on to say that none of these actually make your passwords that secure.  Especially the, “change it every 90 days” rule.  It was determined in a 2010 study at the University of North Carolina, Chapel Hill that updating passwords regularly can actually help hackers identify a pattern.  (You know you do it, changing just the last letter, number or symbol of a password you have used for years.)  I read another article stating that if you have never been hacked or noticed any strange happenings regarding your password you should never change one.

Guess what the new rules state?   A better solution is to create a password with four random words.  If you are allowed to do so you should include spaces.  This combo is supposedly harder to crack than the old revered password stylings.  You can even capitalize or use punctuation if you wish.  However, the length of the password is what discourages the hackers not the combination of letters, numbers and/or symbols.  The old rule of thumb about being at least eight characters long seems to be weak too.

So, my new passwords may be something like, “IscoffeeanElephantoraTomato?” or “Is coffee an Elephant or a Tomato?

I do have a couple of thoughts/concerns regarding the past guidelines…which we have found out could be bogus.  “They” always said not to use any word in the dictionary as this was how hackers started with their hacks. However, now it appears that commonly known words are OK.  Huh?  Who said that they should not be used the first time and where was their research documentation?   Is that one true or false?

All I know is that I hope where I work will quickly change the 90-day period between changes – life would be so much easier.

Change my passwords how often?!!!

June 21, 2016

Need Your Password?

This column will presuppose you have your browser set up to automatically save your websites’ passwords.  Some people do not but many do save their passwords in their browser so they can very quickly log into websites.  I use it in Google Chrome but you can do the same thing in all of the major browsers. 

One day you may want to see what your password but you cannot due to the asterisks. You know, the, "********" that appears in the password text box.  If you want to see the password in full text you can download special software to do that but it is just as easy to use your browser. 

They are all similarly accessed expect for the newer Microsoft Edge browser.  However, from what I understand not many people us Edge in the real world. 

Manage PasswordsDo view your passwords using Chrome click the "hamburger" (three stacked horizontal lines) in the upper right corner.  Next, "Settings."  In the search box at the top type, "passwords" then scroll to the bottom and click, "Manage passwords."  From the Search Passwords box type the site you are looking for and as you type the site will appear.  Click on the site and then on the right then click, "Show."  You may have to enter your computer’s login password depending on your settings. There you go, you can see your password in Google Chrome.

Password reveal in Chrome

For Firefox it is similar.  Click the same, hamburger, then Options, next Security and finally click, "Saved logins" at the bottom.  Finally follow the similar search process, click the site in the list and at the bottom click, "Show Passwords."  After you say yes to the, "Are you sure…" question you have your password. 

The older versions of Microsoft Internet Explorer are very similar so I bet you can figure them out.  But the later versions and Edge are of course different to reveal passwords.  Thanks MS for that headache!

For newer versions of MSIE and EDGE, click on Start button, type "Control Panel", then User Accounts and select your account if you have more than one on the computer.  Once on your account page, on the left click, "Manage your credentials" and if not select click on the Web Credentials button.  On that page you will see a list of your Web Passwords.  Click the right edge of the one you want to see and you will see the word, "Show" at the bottom of the page.  Done.

This is an easy way to check your passwords. 

PLEASE KEEP IN MIND it is easy for you and it is easy for bad guys too.  Make sure you lock your computer with a complicated password, lock your computer when you are in a coffee shop and you walk away (use Windows key + L).  Always be very careful and extremely circumspect with your computer, phones, tablets, etc.   

June 7, 2016

Password Vault

Filed under: Columns — Tags: , , , , , , , , , , , — Ron @ 6:14 am

Bank accounts, dating sites, email, Facebook, Instagram, other email accounts, PC login, Twitter, websites, work, and on it goes.  What do those things have in common with most everything else on your computer?  Correct, passwords.

Five years ago I wrote about various ways to keep your bazillions of passwords safe.  DO NOT do what some non-savvy users do and write them on a piece of paper cleverly hidden under your keyboard.  Yes, I have actually known people to do that.  I also do not recommend creating a text document, spreadsheet, etc. with password protection as these are not really too secure. 

I used to exclusively use KeePass ( which is an excellent program; however, from emails I have received it is a little cumbersome and difficult for some.  Especially when used in several locations like work computer, home notebook, tablets and also phones. 

KeePass logo 
I have recently switched over to LastPass ( which I find incredibly more useful in several respects.  When I mentioned LastPass five years ago I was slightly negative toward it since it had just faced its first hack attack.  However, that being said, it totally survived that attack and has not had a major attempt since. 

LastPass logo

LastPass puts your password information on its servers but that database is protected by your password and keys only you and your computer have. This is a very safe combination in that if your account was hacked at LastPass in the cloud, the hackers would still not have the information they need to get in.  That would have to come from you. 

LastPass’s online storage enables you to access your passwords online from any location on any computerized device.  That makes it incredibly easy to use anywhere. 

LastPass has many features but one of my favorites is once it is installed and set up.  You are able to save passwords as you browse, and when you go to that site next time LastPass will autofill the login for you if you want it to, as long as you have first logged into LastPass. 

Another good thing in its favor is if you have three Gmail accounts, 12 Yahoo accounts, and any number of others, it will remember them individually and let you log in to the correct one with the correct password.

As with all applications available today there is the free standard version and also a premium version.  The premium version gives you other beneficial features but you know me.  In my opinion the freebie gives you everything most users need, so try it out. 

If you use this link ( to sign up for LastPass you and I will both get to try out the premium version for a while.  That way we can both see if its is that much better. 

Free or Premium really does not matter, this app will let you be much more secure online.  It will allow you to create a variety of passwords (which LastPass can even create for you) so that you are not using the same password for everything.  Come on, you know you are doing that since we cannot possibly remember a bazillion of them. 

Let me know if/when you try it out.  Below you can see some of the items in my LastPass vault.

Ron's LastPass vault

March 17, 2015

"Hi, this is Ron from Windows"

I have a couple of scams to inform you of today that could cost you time, effort and lots of money.  One is computer related, the other financial. 

Many people have reported getting calls from someone saying something similar to, "Hello this is Ron (fill in any name) from Windows, we see that your computer is reporting errors and we need to help you." 

First red flag on this is that no one from "Windows" would contact you since there is no company named Windows.  Secondly, you would most likely think it was Microsoft; however, they would never call you out of the blue with a problem.  Unless it is due to some very unusual circumstances, Microsoft does not even have your phone number. 

If you continue with the call, as apparently many people have, they will help you. The problem is that their "help" is quite harmful.  I have read of some people being directed by the caller to install software on their computer in order to give them access to run a special update.  Never, ever let some stranger talk you into installing anything on your computer…on any occasion! 

That will give them access to your computer after they supposedly help you.  Then you will have problems with your computer and a different foreign voice will contact you in the future saying for $$$ they can fix this issue.  

Fraud image
The other issue being reported is they have installed a key logger program on your computer.  A key logger has the ability to record every keystroke you make and send it to someone else-without you knowing a thing.  This can include all of your user names and passwords.  You know what happens to your bank accounts after they get that info. 

Bottom-line is if you get a call from someone representing themselves as a person wanting to fix your computer, hang-up.  Then if you wish you can report them to "The Internet Crime Complaint Center" (IC3) at ""  The IC3 is co-sponsored by the Federal Bureau of Investigation (FBI) and the National White Collar Crime Center (NW3C).

Next, you get a call from someone claiming to be from the IRS.  They inform you that you owe taxes and if you do not pay immediately you will be criminally prosecuted.  Usually they require the payment to be made through a prepaid debit card. 

You may laugh and think, "What knucklehead would do that since the IRS never cold calls anyone about anything."  But since October, 2013 more than 3,000 people fell for this scam and made the crooks $15.5 million.  The top five states taken so far, per Timothy Camus, deputy inspector general for investigations at the agency that oversees the IRS are: California ($3.84 million), New York ($1.35 million), Texas ($795,884), Florida ($760,000) and Virginia ($648,363).

If the IRS calls you, hang up.

December 2, 2014

September 30, 2014


I have always been very careful when working on building a new computer.  There are certain things you must do; however, I missed one a couple of weeks ago.  (Geek confession coming up.)

Someone came to me and basically said since I am a geek and obviously quite knowledgeable with computers would I totally rebuild theirs.  I do not usually do things like this any longer.   Not that I do not enjoy building new computers; I actually very much enjoy doing so.  However, over years of being in the business I have found that if I do this, I end up owning all of the problems that arise with that system for evermore.  No matter what happens, no matter how many years down the road they come back to me for "free" help.  In one case it was so bad I got calls and emails for six months after the build.  If they were something that I caused…no problem I was more than happy to fix them.  However, the overwhelming number of times it was the user causing issues.

This was a person I know and trust and a good friend so I did it anyway.

He gave me a list of the applications he wanted installed, and original licensed discs for the programs that he still had.  Time for a warning to all of you who want to rebuild a computer or get a new one:  Make sure you have the original discs for licensed programs or it could be costly.  For instance, your Windows installation disc, Microsoft Office, Adobe Photoshop, etc. 

He also included all of his email account usernames and passwords, so that I could set up his accounts.  Another warning here, I do not recommend you do this unless you absolutely, positively, totally trust the installer.

As always you start with the operating system, Windows 8.1, a full reformat of the hard drive, etc. 

For Microsoft Office versions there has always been a small issue when you perform a reinstall.  In the olden days you had to speak with a live customer service rep for 30 – 45 minutes to get an approval.  They had to make sure that you did not have an illegal copy.  Today you call an 800 number and punch buttons for several minutes and get an OK.  Then you type in more numbers in your computer and you are approved.

Next, the multitude of upgrades.

After about five or six hours I was almost done.  For a while I tested, updating some more apps as necessary.  Another Windows update or so and done.  He was going to install his only data files when I got it back to him so I did not have to upload those.  I was finally finished, no big deal…until…

Strange things started happening in the browser.  Homepages changing, popups flying and then my brain finally kicked in; I had not installed any antivirus.  I now had several viruses running on a brand new computer.  One was trying to take over the system entirely.

I could have resolved them one-by-one; however, on a brand new system that is not the way I would do it.  So the rebuild began.

Guess what I installed before I got online this time?  You better have guessed right – his antivirus software and all was right with the world… another five to six hours later.

What a jerk I am; however, I hope you learned something from my mistake!

September 16, 2014

Good News and a Warning

A few weeks back I wrote about an application you could use to retrieve deleted files from a computer’s drive, SD Card, etc.  This was really highlighted when I got an email from Tom in Harrisonburg, about his adventure with that application, Recuva

It began with, "I took a deep breath, downloaded, installed and ran Recuva on my wife’s defunct mini-SDHC card from her phone…"  Tom went on to tell me that Recuva fully recovered about 90%, over 600 photographs and eight videos.  These had been taken on her phone and then the card failed.  Now the grandkid photos were back.

He was so impressed he bought the Pro version.  I like hearing good news from all of you, so let me know if you read something that helps you out. 

Now a warning for all of you Android phone users.  If you sell, give away or toss your phone/tablet in the trash there are two things you should do first.  Number one is to remove your SD card if you have one installed.  It may contain many things about your system, possibly pictures you have taken, downloaded files, sites you visit, etc.  Next, you must perform a "factory reset" of your device.   

FYI, here is the way to do a factory reset.  Note: devices may vary slightly.  Go to Settings, select Privacy and then "Factory data reset."  You will get a big warning about setting your phone back to the way you got it out of the box when you bought it.  It may give you the choice to also wipe your SD card.  Choose, "OK" and it will be wiped clean. 

Until recently I would say you are now safe to get rid of the phone/tablet.  But new information has come to my attention.  It is now known that some disreputable people have been known to get old phones and recover information.  They run software like Recuva or other similar "rescue" apps and get a lot of information back from the erased system. 

You think,"That is fine, my pictures are of me fully clothed unlike some recent celebrities."  But what about your email username and password?  Or you bank account login, a personal letter you wrote, your Dropbox account and on-and-on?  Your personal data could be retrieved.

Locked filesThere is a safe way to get around this problem many geeks suggest implementing.  You add one new procedure to your Android device before you execute the factory reset.  Encrypt your device.  Encryption basically scrambles your device’s data with a cryptographic key so that only you can access it with a great password.  That way it cannot be accessed without that encryption key.  You can do this on your device at any time; however, it has a couple of drawbacks.  It can cause battery drain, it can also slow down your device and if you decide you do not like your phone encrypted it cannot be undone without a factory reset.  That causes a loss of all data.

Look under Settings and then Security to encrypt your phone/tablet.  Once encrypted you may then run a factory reset and if someone looks into recovering your data they end up with a recovered scrambled mess.  Your information will be safe.  

June 17, 2014

June 10, 2014

May 13, 2014

Older Posts »

Powered by WordPress

%d bloggers like this: