Archive for the ‘Tips and Tweaks’ Category

Think Your Clever Password Is Secure?

Tuesday, May 28th, 2013

Ars Technica recently wrote a great article on how easy it is for password crackers to guess your clever password. Let’s say you want to create a password based on your dog, Sparky. Just using “sparky” would probably be easy to guess, of course, so you decide to replace the S with a $ and the A with an @ to get $p@rky. That’s not bad, but it’s a little short. So you come up with the idea to add Sparky’s birthday to the end and you get $p@rky2006. “No one’s ever going to guess that!” you say, but just to be extra safe, you even make a few of the letters uppercase. Your final result is: $p@RkY2006

It doesn’t get any more secure than that, right? Wrong. If you were targeted by a hacker, or if the site the password was stored on was hacked, this password would be cracked in a few hours tops. That’s because hackers run special programs that guess thousands of passwords per second. It would still take way too long for them to try every possible combination, but in this case they wouldn’t have to.

Unfortunately for you, your clever password used common patterns that plenty of other people use as well. Letters at the beginning, numbers at the end, replacing letters with symbols… hackers know people use these tricks and take advantage of this knowledge when running their brute-force attacks. By focusing on different variations of these commonly used patterns, a hacker greatly reduces the total number of passwords they would need to guess before finding $p@RkY2006.

So the password you came up with wasn’t so secure after all, but it gets worse! Not only is your password easy for a hacker to guess, it’s also incredibly difficult for you to remember! Was that a capital K or was it lowercase? When was Sparky born, again? Which symbols replace which letters? As if you didn’t have enough stuff to remember already, now you’ve got to remember all these little details as well. What if you don’t have to login to the site everyday? Will you really be able to remember your clever password 3 months later?

Luckily, there’s a solution to the madness. Instead of trying to come up with (and remember) your own passwords, use a “password manager” to generate and remember passwords for you. These wonderful pieces of software generate long, completely random passwords that are virtually impossible for hackers to guess in a reasonable amount of time. They then store them on your computer (or in the cloud) and protect them with a master password that you create. Make sure to use a long master password that you’ll be able to remember. In fact, many people use an entire sentence for their master password–complete with punctuation.

When you want to login to your site, you simply enter your master password into your password manager to retrieve the random password it had generated for that particular site. This way, your passwords are secure and you don’t need to remember them.

As an extra security benefit, using a password manager will also let you have a different random password for each site you visit. This way, if your password on one site were to get hacked somehow, the passwords on all of the other sites you visit will still be perfectly safe.

Checkout Ars Technica’s article Anatomy of a hack: How crackers ransack passwords like “qeadzcwrsfxv1331” to learn more about how easy it is for hackers to crack clever passwords. More importantly, though, stop using anything other than truly random passwords, and make sure they’re at least 12 characters long. The easiest way to do this is by using a password manager such as LastPass or 1Password. Stay safe out there!

Avoid Crapware When Installing Software

Tuesday, October 23rd, 2012

When downloading and installing new software, it’s easy to get duped into installing bundled crapware at the same time. That’s because a surprisingly large number of software vendors hide these annoying add-ons in their installers and deliberately try to trick you into allowing them through. Weblog FreewareGenius and have some tips on avoiding these sneaky tricks in the future. The most popular tricks you’ll run into include:

  • Making the crapware look like it’s the original program’s privacy policy, which you (of course) agree to
  • Hiding the choice under “Custom Installation,” so the “Typical” installation gives you the toolbar automatically
  • Offering you crapware multiple times throughout the installation, perhaps with different wordings

Be sure to pay close attention during the installation process. If you’re given an “Advanced” or “Custom” installation method, use it! Watch out for these dubious tricks or you’ll likely end up with a mysterious new web browser toolbar or search engine alongside the next piece of software you install.

Checkout Lifehacker’s article or the post by FreewareGenius for more tips!

Make The Windows 7 Taskbar Perfect

Tuesday, May 18th, 2010

So you’ve finally gotten your hands on Windows 7, but aren’t entirely thrilled with the new taskbar? No problem! Lifehacker has a great set of articles on how to tweak the Windows 7 taskbar to exactly your liking. A couple fixes I simply could no longer live without are…

Display thumbnails instantly when you hover over an icon
By default, there’s about a half second delay between the time you hover over an icon and the time its thumbnail previews popup. This makes your workflow a little less efficient and gets really annoying really fast. The following registry hack will make previews popup instantly!

  1. Run regedit (Windows Key+R, type “regedit”, click OK)
  2. Navigate to HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced
  3. If it doesn’t exist already, add a new DWORD (32-bit) value named “ExtendedUIHoverTime”
  4. Double click ExtendedUIHoverTime and set the value to the number of milliseconds you want the delay to be. The default is 400, but I prefer setting it to something really small, like 50, for an instant thumbnail preview
  5. To apply the change, restart the computer (or just explorer using task manager)

Left click icons to cycle through active windows:
This one goes hand in hand with the tweak above. By default, left-clicking an icon on the taskbar will popup its thumbnail previews, but now that we have previews showing up instantly on mouse-over, that’s a little redundant. So why not simply have the last window in the icon’s group show up when you left click it instead? Here’s how to do it…

  1. Run regedit (Windows Key+R, type “regedit”, click OK)
  2. Navigate to HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced
  3. If it doesn’t exist already, add a new DWORD (32-bit) value named “LastActiveClick”
  4. Double click LastActiveClick and set the value to 1
  5. To apply the change, restart the computer (or just explorer using task manager)

As always, be sure to take extra care if you venture into the Windows registry to perform any of these tweaks. If you’re unsure about what you’re doing, stop and get help from someone who knows their way around!

So what’s your favorite Windows 7 hack? Have any tweaks that you can’t live without, or is everything fine right out of the box? Let us know in the comments!