How to create strong but easy to remember passwords

Thursdays are the day of the week when I post some personal thought, but this week I’m thinking about passwords, so this will be a bonus “From the Help Desk” tip!

Password policies get out of hand, sometimes. I understand the need to be secure, but I will never understand why we IT nerds make it so difficult for the rest of you. We require your password to be at least 8 characters long. It must meet 3 of the 4 following requirements: 1 (or more) upper case letter, 1 (or more) lower case letter, 1 (or more) special character, and 1 (or more) number. Oh, and it can’t be similar to any of your 25 previously used passwords. It can’t have more than 2 sequential letters or numbers (sorry, ghillieSuit123, you didn’t make the cut!), and if it includes an identifiable portion of your first or last name, it will be rejected. We also lock you out after multiple log-in attempts (to prevent others from “cracking” or “brute forcing” your password by going throug the dictionary one word at a time).

Did you follow all of that? Me neither, and I’m one of those people responsible for making it all up. And that’s my problem with passwords. We make them so insanely complex that everyone needs to write down their passwords. Defeating the entire purpose of the password. Now, it’s true, people think mostly that a slip of paper in a desk drawer isn’t a huge security risk in this day and age. Computer crimes, password theft, etc… it all happens in the ether when groups hack large databases and steal hundreds of thousands of passwords at a time (as was the case very recently at my regional power company). But if you think that nobody would ever try to break in and steal your computer, you’re sadly mistaken. And some may go far enough to look for the passwords to go along with them. These things do still happen.

Or, more likely, it could still just be as simple as a co-worker taking the information and impersonating you on the network and getting you fired. Anything can happen. We want your password to be secure, but I’m on your side: I hate that we make you change them so frequently. If we could trust you to just not give your password out, then you would have one password, and not have to write it down. It’s frustrating. But unfortunately, it doesn’t look like the “password policy” is going to change any time soon.

So here’s what you can do about it. There are some simple services that will help you adhere to password policies in effect where you work. One will help you determine if your password is strong (or generate a strong password for you to use). That site is at HowStrongIsMyPassword.com. A more fun website to see if you’re really safe is HowSecureIsMyPassword.net. This website really entertains me. You can put in your real password and see how long it’s expected that a modern computer would take to crack your password. My “work” password, according to the website, would take 102 million years to “crack” if a hacker were to try some sequential combination of characters (example: a? ab? abc? a-z? ba? bb? bc? and so on, until all possible combinations of letters and numbers, symbols, and numbers are exhausted). While it’s an impressive number, it’s all for naught if somebody can just look on my desk and find my password on a post-it on my monitor.

So just do your part to make your password fun. Most systems, like the computer in your typical office, will gladly accept characters such as spaces and even “!” exlamation marks. I encourage you to write a sentence with your password. Try it! It’s easier to remember, and harder to guess – even if someone knows you. For example, according to HowSecureIsMyPassword.net, it would take 62 sextillion years to crack your password if you made it something as simple to remember as “This is my password!” Another simple password to remember could be “I listened to 45’s growing up!” – not an easy thing to guess, and to crack, it could take 24 duodecillion years! So go on, try it!

I would like to thank DarkMethod45 for sharing “How Secure…” link with me, and inspiring part of this article.

Resetting your TCP/IP Stack

People have all kinds of nerdy reasons that they may need to reset their TCP/IP Stack. For me, I was unable o connect to Games for Windows Live. But if you ever find yourself offline and stranded with not internet connection except the browser on your smartphone, it may be a good idea to try resetting your TCP/IP stack!

All of the nerds and geeks on the internet will just tell you that, matter-of-factly, without ever telling you how. Here are some very good basics that you can try to troubleshoot yourself, when you don’t have internet access, network connectivity isn’t working, or when some things work and somethings don’t. Why do these features get so messed up? The world may never know. But it’s good to know there’s a few things you can do to try and fix it, apart from rebooting your modem and router! 😉

The following assumes you have at least local Administraor rights on your computer (most people do, to the distress of millions of IT folk).

First: Reset WINSOCK:
XP: Click Start, then Run, and type in CMD and press enter.
Vista/7: Click Start, then type CMD (in the Search Programs an Files bar at the bottom) and press enter.

This will bring up a familiar black Command Prompt Window. In there, type the following, and press enter:

netsh winsock reset

After rebooting the computer, see if that helped. No? Alright, that was just the WINSOCK portion of things, now let’s try resetting the whole TCP/IP stack.

Open a command prompt, same as above. Then type the following as a single line:

netsh int ip reset c:\resetstack.txt

And, of course, reboot the computer. Did that help? If not, then at least you can say you’ve tried – but I was lucky and this resolved a very strange issue for me where literally everything else I was trying was working, except communicating with the Games for Windows Live service, which is why I have to give credit for the inspiration of this post to a user who calls himself “eastmanblues” on the Xbox Live forums.

Adding another user's mailbox in Outlook, using BPOS & Office 365

This week’s post is another slightly more advanced one, so I apologize, but if you share this with your IT department, they’ll have no excuses! So you want full access to another user’s mailbox. It can be done, and has been done, with Exchange servers around the world. However if you need to do this in Microsoft’s Busness Productivity Online Suite (BPOS), then how in the world do you do it?

It used to be you could go to your Exchange server, find the user who is going to share their info with another user, and give them Send-As or Full-Access permissions. But where is that option in BPOS? It’s nowhere, that’s the problem. But that doesn’t mean you can’t do it.

First off, any user who is an Administrator in BPOS already has access to anybody’s mailbox under their domain. Meaning you can open up your Outlook client, go to your account settings, click Change, click More Settings, go to the Advanced Tab, then click ADD, and type a user’s name. It’s that easy.

But I haven’t answered your question, yet. WHAT ABOUT BPOS? Here’s the scoop. I figured this one out a few days ago and have only tested it in Business Productivity Online Suite. However, a support rep from Microsoft has “confirmed” that these commands should work in Office 365. Your mileage may vary.

Let’s say I have two users, Vera (vera@whutsit.com) and Dave (dave@whutsit.com). Vera needs full permissions to Dave’s email. She will be using the simple steps above to add Dave’s mailbox to her Outlook, however Vera is not a domain administrator, so a special permission will need to be created in the system. This is surprisingly easy to do.

An Administrator must run command in the Migration Command Shell (which was set up, at some point, during your migration to BPOS).

EXAMPLES

Enter the following cmdlets as ONE SINGLE COMMAND (any line breaks are due to web-design):
To GIVE Vera access to Dave’s mail:
Add-MSOnlineMailPermission -Identity vera@whutsit.com -TrustedUser dave@whutsit.com -GrantFullAccess $True

At some point down the road you may need to REVOKE that access:
Remove-MSOnlineMailPermission -Identity vera@whutsit.com -TrustedUser dave@whutsit.com -RemoveFullAccess $True

Note how the commands differe: the “Remove” not only at the beginning, but the end ofthe command, rather than “Add” and “Grant” respectively. I’m by no means an expert with this, but I certainly hope this helps someone out there!

In my router, what is WMM and should I enable it? Hint: yes!

Update: More than 5 years after writing this, it’s still one of the most popular articles on my website, so I decided to make a short video that explains this as well! 😉




Original post below:
Fridays are usually video game related articles. Today, I’m not talking about games themselves, but how the gaming console has become the entertainment hub in your livingroom. It’s a lengthy post, but I think it will prove to be of some value to most readers! The long and short of it is: I was having major problems streaming Netflix to any of my wireless consoles – PS3, 360, or Wii. But my desktop computer worked fine. I enabled WMM and the majority of my problems were solved. It’s not a one touch fix, by any means – there are a million potential reasons video would be buffering, even times when the service you’re streaming from won’t have adequate bandwidth, are caught throttling your connection, or are being investigated for generally poor speeds. There are times when your regional ISP may just be having technical issues. There are an abundance of issues that can arise at the dozens of hops between you and the media you’re watching or listening to. But, in optimal conditions, WMM is a feature that will help you.

There are debates galore concerning not only the effectiveness, but the legitimacy of “Wi-Fi Multimedia™ (WMM®) WMM® Quality of Service.” People don’t know what it is, don’t understand it, or don’t think it really does anything. Well, it’s my opinion and experience that it does make a difference for streaming movies, it’s worth noting, however that some people prefer to have this feature disabled, and doing so they claim faster overall throughput (faster “file” downloads). Personally, when I have WMM enabled, I do not see my regular download speeds slowed at all, and I enjoy the added benefit of buffer-free streaming to my Wi-Fi devices. Therefore, I’m going to explain not only why I think you should enable, but how to enable it.

The rest of this article gets technical, and also may have instructions which you don’t need – the “meat” of the question is answered above

.


A little background on WMM

Created by the Wi-Fi Alliance, a group of entities, including the manufacturers of wireless access points and networking hardware, WMM was designed to enhance the streaming of multimedia over wireless devices. From the technical side of things, despite drastic advancements in wireless technology, there will always be slightly higher latency in Wi-Fi devices than in wired connections. Trying to avoid all of the technical information, WMM allows traffic related to multi-media to take a higher priority, thus their packets get delivered first, meaning their “received!” packets will get back to the source sooner, meaning more packets will come your way sooner! “Net neutrality” goes out the Window… but only on your wireless network! In reality, if you enable WMM on your router, particularly in a home environment, it will not impact your other devices on the network, unless, say, you’re downloading and seeding a dozen torrents, streaming twenty movies, and making four VOIP calls at the same time!

Services like Zune, Qriocity, Last.FM, YouTube, Netflix, and Vudu have capitalized on that, by making their software available on your home console. But do you ever have problems with your console, be it Xbox, PS3, Wii, or other Wi-Fi devices like your phone or tablet, buffering? If you try it on your wired computer or laptop or even on the same console, just wired directly to your router, you have no problem. But if you try to use Wi-Fi, whatever you’re watching or listening to simply keeps getting interrupted. It doesn’t make any sense: you know you have enough bandwidth, other devices work, why not this stupid console? Why is everyone enjoying Inside Xbox but you?

Here’s what to do



I’m not positive about the others, but I do know that on a LinkSys, WMM is Disabled by default – which is why I wanted to share this tip with everyone, because it actually made a difference for me! Open up your web browser, and go to the address: 192.168.1.1 (if it is different from this, you’re probably advanced enough to know how to find it, because you most likely changed it yourself!).

Enter your router’s password. If you’ve never set it, there are several potential default passwords.

What’s the default password for my router?

  • LinkSys / Cisco: username: {none} / password: admin
  • NetGear: username: admin / password: password or 1234
  • D-Link: username: admin / password: admin – in some cases, D-Link may have no name, or no password, or use user as the username.
  • For best results, a quick search on the web ought to point you in the right direction of finding your specific router’s password
  • .

Once inside your router, you should be able to find an applications tab – in the case of the LinkSys WRT54G2 that we’re using in this example (an extremely common home router), it’s listed as Applications and Gaming. Here’s what it looks like for most LinkSys WRT54xx series routers:

After you click the tab at the top, the subtabs will change. As you can see in the same picture above, there will be an option that says
QoS. Click to the Quality of Service or QoS subtab.

Scroll to the bottom of the page and change the drop down for WMM to Enabled.

In a D-Link, you should go to the Advanced Tab, the Wireless Routing option on the left, then check the box to enable WMM.

On a NetGear, look for the QoS Setup option, under the blue Advanced header on the left side of the page. Click on that, then check the box to Enable WMM and click the small Apply button at the bottom.

*WHEW!!* Now that was an exhaustive post, but I hope it will get people thinking that they should give WMM a try, and help them ensure it’s enabled on their router!