How to create strong but easy to remember passwords

Thursdays are the day of the week when I post some personal thought, but this week I’m thinking about passwords, so this will be a bonus “From the Help Desk” tip!

Password policies get out of hand, sometimes. I understand the need to be secure, but I will never understand why we IT nerds make it so difficult for the rest of you. We require your password to be at least 8 characters long. It must meet 3 of the 4 following requirements: 1 (or more) upper case letter, 1 (or more) lower case letter, 1 (or more) special character, and 1 (or more) number. Oh, and it can’t be similar to any of your 25 previously used passwords. It can’t have more than 2 sequential letters or numbers (sorry, ghillieSuit123, you didn’t make the cut!), and if it includes an identifiable portion of your first or last name, it will be rejected. We also lock you out after multiple log-in attempts (to prevent others from “cracking” or “brute forcing” your password by going through the dictionary one word at a time).

Did you follow all of that? Me neither, and I’m one of those people responsible for making it all up. And that’s my problem with passwords. We make them so insanely complex that everyone needs to write down their passwords. Defeating the entire purpose of the password. Now, it’s true, people think mostly that a slip of paper in a desk drawer isn’t a huge security risk in this day and age. Computer crimes, password theft, etc… it all happens in the ether when groups hack large databases and steal hundreds of thousands of passwords at a time (as was the case very recently at my regional power company). But if you think that nobody would ever try to break in and steal your computer, you’re sadly mistaken. And some may go far enough to look for the passwords to go along with them. These things do still happen.

Or, more likely, it could still just be as simple as a co-worker taking the information and impersonating you on the network and getting you fired. Anything can happen. We want your password to be secure, but I’m on your side: I hate that we make you change them so frequently. If we could trust you to just not give your password out, then you would have one password, and not have to write it down. It’s frustrating. But unfortunately, it doesn’t look like the “password policy” is going to change any time soon.

So here’s what you can do about it. There are some simple services that will help you adhere to password policies in effect where you work. One will help you determine if your password is strong (or generate a strong password for you to use). That site is at HowStrongIsMyPassword.com. A more fun website to see if you’re really safe is HowSecureIsMyPassword.net. This website really entertains me. You can put in your real password and see how long it’s expected that a modern computer would take to crack your password. My “work” password, according to the website, would take 102 million years to “crack” if a hacker were to try some sequential combination of characters (example: a? ab? abc? a-z? ba? bb? bc? and so on, until all possible combinations of letters, numbers, and symbols are exhausted). While it’s an impressive number, it’s all for naught if somebody can just look on my desk and find my password on a post-it on my monitor.

So just do your part to make your password fun. Most systems, like the computer in your typical office, will gladly accept characters such as spaces and even “!” exclamation marks. I encourage you to write a sentence with your password. Try it! It’s easier to remember, and harder to guess – even if someone knows you. For example, according to HowSecureIsMyPassword.net, it would take 62 sextillion years to crack your password if you made it something as simple to remember as “This is my password!” Another simple password to remember could be “I listened to 45’s growing up!” – not an easy thing to guess, and to crack, it could take 24 duodecillion years! So go on, try it!
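An added example, not part of the original post and not the code behind either website: a local check of the policy rules described above plus a brute-force estimate, so the password never leaves your machine. The guess rate, the reading of "sequential" as an ascending run like "abc" or "123", and the 3-letter name-fragment rule are assumptions, so the year counts will not match the sites' figures.

```python
import string

# Policy from the post: >= 8 chars, 3 of 4 character classes, no run of more
# than 2 sequential letters or digits, no identifiable portion of the name.
CLASSES = {
    "upper": set(string.ascii_uppercase),
    "lower": set(string.ascii_lowercase),
    "digit": set(string.digits),
    "special": set(string.punctuation + " "),  # space counts as a special character
}

def longest_sequential_run(pw):
    """Longest ascending run such as 'abc' or '123' (case-insensitive)."""
    best = run = 1 if pw else 0
    low = pw.lower()
    for prev, cur in zip(low, low[1:]):
        same_kind = (prev in string.digits and cur in string.digits) or (
            prev in string.ascii_lowercase and cur in string.ascii_lowercase)
        run = run + 1 if same_kind and ord(cur) - ord(prev) == 1 else 1
        best = max(best, run)
    return best

def policy_violations(pw, first_name="", last_name=""):
    """Return the list of policy rules the password breaks (empty list = accepted)."""
    problems = []
    if len(pw) < 8:
        problems.append("shorter than 8 characters")
    used = [name for name, chars in CLASSES.items() if any(c in chars for c in pw)]
    if len(used) < 3:
        problems.append("fewer than 3 of 4 character classes")
    if longest_sequential_run(pw) > 2:
        problems.append("more than 2 sequential letters or numbers")
    for name in (first_name.lower(), last_name.lower()):
        # Assumption: any 3-letter fragment of a name counts as "identifiable".
        if any(name[i:i + 3] in pw.lower() for i in range(len(name) - 2)):
            problems.append("contains part of the user's name")
            break
    return problems

def brute_force_candidates(pw):
    """Guesses needed to try every string up to len(pw) over the classes used."""
    alphabet = sum(len(chars) for chars in CLASSES.values()
                   if any(c in chars for c in pw))
    return sum(alphabet ** k for k in range(1, len(pw) + 1))

def years_to_exhaust(pw, guesses_per_second=1e10):
    # Assumption: constructed guess rate, not the rate any website uses.
    return brute_force_candidates(pw) / guesses_per_second / (365.25 * 24 * 3600)

if __name__ == "__main__":
    # Sample passwords taken from the post (ASCII apostrophe used in the last one).
    for sample in ("ghillieSuit123", "This is my password!",
                   "I listened to 45's growing up!"):
        print(f"{sample!r}: {policy_violations(sample) or 'accepted'}, "
              f"~{years_to_exhaust(sample):.3g} years to exhaust")
```

The sentence-style passwords pass the policy and sit in a far larger search space than the shorter ghillieSuit123, which is rejected for its sequential run.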

I would like to thank DarkMethod45 for sharing the “How Secure…” link with me, and inspiring part of this article.

Goodbye, Joe Pa

Alright, this is my personal blog, believe it or not. I try not to get too in your face personal, but today I’m going to. I’m a Penn Stater. A 2007 graduate of a branch campus in Erie, Pennsylvania: The Behrend College. I am a Delta Chi fraternity brother, I bleed Blue and White.

When Joe Paterno lost his position at Penn State, after 61 years with the team, it was no doubt a shock. The man had been coaching at Penn State longer than I’d known what a university even was. When I was learning how to potty like a big boy, Joe Pa was taking Penn State to back-to-back undefeated regular seasons. Too many people used the cliched “evil triumphs when good men do nothing” tag-line in the weeks following the Penn State scandal. While I in no way wish to belittle what happened and what has come forth about Sandusky, I have been livid since Joe Paterno was dismissed. Penn State asked him to step down from his position in 2004 amid poor performance, and Joe Paterno refused. To be ousted like this? Shameful.

Mike McQueary allegedly witnesses Jerry Sandusky in the locker room with a young man. McQueary tells Paterno. Paterno tells his supervisors. Paterno loses his spot with the team before McQueary. Even if Paterno had gone to the police with what he had been told, at that point, it’s hearsay, inadmissible in court. Paterno had so little to do with the overall case – if and when this whole thing goes to court, Paterno would likely not even be able to be called as a witness! Yet there he was, the man literally bronzed into Penn State’s community, tossed from his position as Head Coach in the middle of the night. With nothing left to fight for or live for, Coach Paterno died from complications due to lung cancer a matter of weeks later.

As a Penn Stater, it hurts. As a Penn Stater, I know a lot of other Penn Staters. I have snipped just a few comments from friends’ social networking pages, just to share with you how we feel. After all… We Are… Penn State.

“No one deserves a million dollars just to coach a football team” -Joe Paterno after turning down a coaching offer from the New England Patriots in 1972. Mourning the loss of JoePa has nothing to do with being a Penn State fan, it’s about celebrating the life of a man that didn’t have a selfish bone in his body. Rest in peace coach, the world has lost a true gentleman.
-Steve S.

Wore my white long sleeve “400 wins” T all day and a PSU ball cap (thanks to the rain)…. while at the grocery store, almost everyone I made eye contact with gave me this look that simply said “I’m sorry” – complete strangers… the cashier asked me some details on his death and shared his sorrow and anger over how his career and life had to end. Joe just brings people together: Penn Staters and Non-Penn Staters alike.
-Heather B.

Penn State Behrend’s flag was at half mast today in honor of Coach.
-Shantel M.

We are a student body. At the end of the day, it doesn’t matter how many football games we won, or how many students we have. We could have the best program out there, but without the support and pride of our student body, we are no better than any other school. Joe Paterno knew this and strived to make all Penn State students know this, because without us, Penn State becomes just an average state school. I know I speak for Joe Paterno when I say “Fight on State, Fight on.”
RIP Joe Paterno
#PennStatePride
-Derek K.

“‘His life is Penn State through and through,’ Scott Paterno said, speaking of his father in the present tense. ‘He understood that and it never once occurred to him to be bitter toward Penn State.'”
-Adam W., quoting an article featuring Scott Paterno’s words.

Not perfect by any means…but who is? Hopefully his legacy will be remembered more for the good he did than for what he did not do. His debt is paid. May he R.I.P and his family be given the comfort, privacy and respect they need and deserve at this time…
-Eden R.

I don’t want to talk about it. And if you’re from Penn State, you already know what I mean.
-Me, minutes after official sources broke the news of Paterno’s passing.

Better Know a Gamer is back! Nominate a friend, now!

So, the other day, I imported the WinBreak.com Better Know a Gamer archives. During this process I may have forgotten to disable my Twitter updates which caused about 30 articles to publish to my Twitter and Facebook streams in a matter of seconds. Sorry about that. But the good news is, you can read all about more gamers, and some of their best stories!

Better Know a Gamer is back, and you can Nominate a Gamer whenever you want, even yourself! There’s no shame in it, so come on and get famous!

Coming (Back) Soon! Better Know a Gamer!

From my old site, WinBreak, I had one very successful run of content: Better Know a Gamer. You could nominate yourself or anyone you know, and easily be featured in an issue of Better Know a Gamer. Interviews, getting to know community members. After we were thirty-plus posts in, that’s when the site started to slow down a bit. I will be importing all of the old BKAG articles and picking up where I left off, in the thirties – you’ll be able to select the BKAG category and go back through all of the old interviews, as well. Keep an eye out for it soon!

This site will soon have implemented the same “nominate a gamer” feature that WinBreak.com had, where you can enter an email address and have the questions automatically fired off to the recipient. So be sure to check back – sign yourself up and several of your friends!

Paid Apps in the Windows Phone 7 environment

 


 

You’re doing it wrong.  This has been an internet meme for a while, and applies directly to the problem with paid apps, in particular, those in the Windows Phone 7 Marketplace.  I’m hoping they don’t continue down this exact path when Windows 8 launches with its embedded app store.

 

The problem isn’t that the Windows Phone 7 Marketplace has a larger ratio of “paid apps” to “free apps” than iTunes or the Android Market – the problem is what those apps are.  I don’t mind paying for apps, good apps in particular.  Use a pro version instead of a lite version, pay for the developer’s time.  Just imagine if they developed that app just for you, would you only feel compelled to give them $1.99?  No!  It’s worth way more than that! You’re the one getting the bargain, so why not pay?  Particularly, when the app is “worth it.”

 

What makes an App “worth it” is subjective.  Very subjective.  But I can tell you one of the things that, I feel, is not worth it, which is what I’m seeing a lot of in Windows Phone 7.  RSS Feeds.  If I want news from one of my favorite websites, I can go to that website and read it all day long.  As we all know, the overwhelming majority of sites on the internet are not behind pay walls.  This is the reality for content producers, and they’ve been struggling with ways to make money ever since.  With the new ecosystem of Windows Phone 7, came the chance to lay down the corrective law and start turning a profit for the hard work developing apps. But the problem isn’t going to be solved by charging a dollar for your app, which has the same content as your website.

 

True, not every website is optimized for mobile browsing, and an app would be nice.  But let’s be frank, why would you spend a dollar to read something you have been and will continue to read for free?  There needs to be a proven value in your application, that goes above and beyond.  Exclusive articles are hard to sell, people get touchy and will leave your website because they think you’re holding out on them – even though they’re not paying a dime.  Still, perhaps the best solution might be offering some form of exclusive benefit, like industry interviews with people in your field, things that are going above and beyond typical news articles.  If you can get those interviews.

 

I don’t have the perfect solution, but I do have good news.  From what I’ve seen, again, in particular on the WP7 Marketplace, it looks like a lot of the people trying to charge for what is little more than an RSS feed, are just people trying to make a buck off of others’ hard work.  The developer is usually not affiliated with the actual website at all, and just popped an RSS feed reading app together with the RSS feed of a popular website, and is trying to pass it off as an app.  I imagine many people are not getting suckered and I hope few are being sold, especially in cases like this.  But that doesn’t mean I don’t want to see developers actually concentrate on making better decisions when they do decide to put their content on a mobile platform.  Ad-Supported apps don’t bother me a bit, but when I do pay for an app, I expect at least something out of it, more than just saving me the time of typing a URL – and the good news is, I think the people managing their own brands and websites know that.

It's 2012… Prediction Time!

I predict this year will be better for me than any other in my life. I’m making the time to make things happen. I have more time than I act like I do, it’s time to do something with it. That’s my resolution for 2012!

Now then, before the world ends, here’s what I’m expecting, good and bad, for 2012.

Consoles:

  • The PlayStation 3 wanted to last longer than any of the others, but its delayed release will crush the dreams of a 10 year console life cycle – they don’t want to be seen as lagging behind, so they will unveil details at E3 of the PlayStation 4.
  • The “Next Xbox” will be unveiled at E3, and in a surprise move it’ll be announced for this holiday season. While I agree with many industry experts, it feels a year too early, it’s never too early to make money.
  • The “Next Xbox” will be named Xbox 365. This meshes with the branding already in place of other Microsoft Products. Office Live, which stemmed from Xbox Live and Live Search, merged with Business Productivity Online Suite and became Office 365. The next Xbox will follow the branding change and be called Xbox 365.
  • The Wii U specs will be released at E3, with a holiday 2012 release date as well. I think this is more likely than the “Xbox 365” (again, my predicted name) being available this year, as Nintendo really needs to prove its use to the “core” gamers if they want to keep selling. The millions who adopted the Wii and made the silly name a household must-have aren’t going to upgrade their console for more Wii Sports sequels.
  • The handheld gaming market will be dominated by the 3DS, with devices like the Windows Phone 7/8 and Android/iPads featuring OnLive gaining in acceptance.

Computing:

  • Windows 8 will not see the same mass adoption that Windows 7 has. It will be popular enough among the tech community to be worth upgrading to, but it will fail to impress the mass audience and will also fail on tablets (to my own chagrin).
  • Companies will release wrist-watch sized Android based devices, but they will not gain large acceptance.
  • Paying for goods with your cell phone via some form of NFC will gain wide-spread acceptance commercially, but not with the average home user. You’ll be able to use it, but you mostly won’t.
  • Your grandma still won’t want an e-reader, but your mom will ask more questions than last year.
  • HTML5 (and HTML in general) will be setting the new standard, flash sites will fizzle, and SilverLight will still only be used by Microsoft and MSNBC partnered sites!

Entertainment:

  • Sorry, but Steam Punk will become as common place as glittery vampires. It’s already begun, with the recent Justin Bieber video.
  • ChipTune music, a personal favorite of mine, will emerge with one or more pop songs, and grow in popularity at dance clubs – but people will just think it’s a quaint new fad, not something we’ve been enjoying for years! (If your girlfriend made you watch the latest episode of 90210, and you saw ‘the runway scene’ you’ll know this to be coming true, as well).
  • A new service, likely run by an existing entity, will emerge to directly compete with Netflix (here’s looking at you, Amazon and RedBox).

I wish I had more for you, but I’m all tapped out. All I know is that this is going to be an exciting year, and we’re all going through it together. So stay tuned, stay active, and keep the comments coming!

Greed in Gaming – why I'm worried

The prices of games don’t worry me, let’s get that out of the way. I like where they’re at right now. I can stand the price points, if I have to, and I’m always glad to see that consoles are being revised, but prices are still coming down. Very exciting.

I also think that the PlayStation Network trying to get everyone to go with the PlayStation Plus membership is understandable. Having an infrastructure the size of the PlayStation Network and Xbox Live isn’t free.

BUT PC gaming was always free!!! Yes, and PC Gaming has always been decentralized. Even at the end of life for most games, a patch would be released that would allow people to host their own switching servers that would list all of the game servers. These things don’t happen much any more (anybody seen any Matrix Online sandbox servers?), but more importantly: this doesn’t happen in console games.

You see, I’m not writing because games are too expensive, or the online services are – but this attempt to make a buck by making us register to play your game online? This worries me. Not just because of the price, but because of the problems that these greedy publishers are causing in the long term.

Earlier this week, I awoke and wanted to play some more of the single player races in Need for Speed Hot Pursuit. I was connected to Xbox Live, but I was not connected to NFS’s “autolog” server, it appeared to be down. Maybe there was an issue with my modem or router or something else, but it shouldn’t matter. I’m on Xbox Live, I’m on the internet – I should NEED to be VERIFIED by your server, just to play the game that I purchased, particularly if I want to play it offline!

These new off-site servers have been a fear of mine as long as online gaming and DRM has existed. Nobody likes it, but they keep pushing it on us, to protect their product. Here’s the thing: Microsoft protects your product via Xbox Live. Leave me alone. I don’t need another middle-man.

Season Pass for EA Sports games. Call of Duty Elite. Autolog for Need for Speed. Mortal Kombat’s Kombat Pass. These are all ways that the developers want to make an extra buck. So far they have “graciously” included the services with retail copies of the game, but as demonstrated in my experience with Autolog – membership or not, it doesn’t matter… if the service is inaccessible, so is your game – even if you just want to play locally.

The other games may not follow the same “authentication first” formula, but all of these little middleman services worry me, and they’re all in an effort to reduce piracy, and make a few dollars from the used games industry, which, in my opinion, is solely motivated by greed.

Can Wal-Mart save us from Big Oil?

Why isn’t anyone going up to bat for the little guy?  The little guy being you and I, by the way.

 

Everyone is blogging about oil prices this week, but I’m wondering why nobody is looking at it from this angle: the public needs support from larger companies.  It’s not every day when I think a big company should be helping out the general public, but this time I think I can make a case for it.

 

There’s lots of finger pointing going on and everyone is blaming one thing after another for high gas prices.  In 2008, the last time gas topped $4 a gallon in my neck of the woods, everyone said it was out of control and there was nothing they could do about it – but oil companies posted some of the largest prices of any company in the history of anything ever.  And I’m not being hyperbolic.  The latest round of rumors are that American oil production isn’t even operating at 100% right now, there isn’t a gas crisis or a gas shortage: it’s the futures market that is causing the crazy high gas prices.  I don’t care who is to blame, all I know is it hurts.

 

As gas prices approach the $4.00 per gallon mark, the economy can see (in broad terms) a slow down in sales elsewhere, like retail for instance.  We go through a national “belt tightening” every time gas prices get just a tad too high.  You can try to do things like buy gas cards, or even join Sam’s Club, where member-only gas pumps are often five to ten cents cheaper than neighboring gas stations…  but that’s not enough.

 


image credit: m_bartosch.

I think the big chain stores, like the Wal-Marts, the Lowes, Sears, Targets – they need to band together to find something to do about gas prices.  With enough pressure from them, there must be something that the Exxons of the world can do to trim back their excessively high profit margins.  While the consumer may be feeling the pinch now, I believe this could be bad news for the economy in the long run, because I sure will be going out less, doing less, spending less.  That money for my gas tank has to come from somewhere, and I need to get to work.  What I don’t need is to travel the interstates during my time off.  Stay-cation ‘08 is coming back for 2011!

 

Although large chains like Wal-Mart and Target might be able to ride out the storm, other chains that might not have quite as much draw may want to start putting a plan together, because I can certainly get by without visiting my local RadioShack any time in the next six months, and might have to if I can’t afford the tiny luxuries of wasting money on random cabling and electronics supplies.  They might not be giants, but they’re big enough to get the attention of the oil companies and try to figure out what can be done to keep people like me on the road, instead of in the driveway.