The Heartbleed Password Dilema
OK, the fallout from the ‘heartbleed’ bug is worse than I thought. The problem is with how we, as humans, don’t manage a ton of passwords well. It isn’t so much that we are lazy, but to avoid clutter in our mind, we re-use passwords across the internet to log-in to different websites.
But with the heartbleed vulnerability, the problem becomes worse because of our conservation of brain cells and the repeated username and password combination becomes yet another vulnerability.
You see, most people don’t come-up with a unique username and password for each site they have become a member of. Most people reuse the same username over and over so that they can be identified as themselves by friends and acquaintances across networks. Now, that would still be OK if the password used was unique for each and every website that user logged into using that username. But because we are trying to make things simpler we usually only use a small index of passwords from which we draw our passwords, so that we don’t have to remember so many, because we know what it feels like to be locked-out.
It all has to do with username and password pairs.
So if a user logs in as “Gibraltor5” with a password of “1Ydd/R247” on a forum website that is compromised, the problem then becomes that the username and password pair are entered into a database and some malicious hacker will eventually try to use that username & password pair at other places, such as Yahoo, Twitter, Gmail, Facebook, Chase, CapitalOne, Amex, etc…
So eventually, someone will make a program that will actually try to login to all sorts of websites using “Gibraltor5” as the username and “1Ydd/R247” as the password, possibly even on a global scale. Once more, they may not stop at one attempt. They might wait a year or so and try again, just to check if the user had protected his accounts, but then gone back to his lazy ways.
So from now on, you have to create a unique password for every single site that you have ever accessed.
Even though Google may say that your Gmail and Google+ accounts are safe, they aren’t if you have ever used the same username and password combination ever before or afterwards on any site. You can’t be sure that any certain site was or wasn’t compromised. The username and password pair could have come from a site you don’t even remember joining. So if you have a tendency, like most humans, to use the same password over and over, you have to stop that right now, go back to all the sites that you have ever been a member of, and change your password to something unique.
Now, if you are like me, you have lots of places that you frequent. That means you will require so many passwords you won’t know how to keep them all straight without writing them down. But if you write them on plain paper, or in a little black book of passwords like I used to do, you open yourself to having them ripped off and hacked that way, by your very own hand.
The best way to do it then, is use a password program that will keep all your passwords safe and handy. Since I don’t always have my PC with me, but I try to always have my phone on me, I have to recommend Kuff’s Password Safe for the Android. It allows you to generate unique jibberish style passwords on the fly, comes with 128 or 256 bit encryption to protect your entire catalog of passwords, categorize them, and more. The one thing is that you must remember the password you will use to access the application, because there is no back door and without that one password, you will not be able to access the application again. The good news is that you only have one password to remember, again.
Now, to top that off, you can also get another version for Windows, so that you can update and access your password data across platforms, as well as backup your data to remote servers such as Dropbox, SkyDrive & Google Drive, or to your local Windows machine.
Kuffs Password Safe on Google Play:
https://play.google.com/store/apps/details?id=uk.co.kuffs.free.passwordsafe
The developer’s website for Kuffs Password Safe (Android & Windows):
http://www.kuffs.co.uk/
If you do not have an Android smartphone and/or tablet, and you do not expect to upgrade to a smartphone, or if you prefer a Macintosh supported version, you will have to shop around. But this little utility, a password safe, to secure all of your username and password pairs and other private information, encrypt the data to protect it from malicious hacker idiots, is now an important and vital component in the life of anyone who has or had an online lifestyle (meaning anyone who ever has done anything online).
Business Apps: Password Safe
Although I have already reviewed Kuff’s Password safe on my android apps & widgets blog called Widget Droid, most readers here probably don’t realize that Kuff’s Password Safe is also the very best Password Safe/Vault application on Windows machines, as well.
So here is a link to my article on the very best Password organizer and encrypted safety app on the market…
What’s the Very Best Password Safe?
Just remember the master password that gets you into the program. 😉
Outlook 2010
Well, my wife has had a little time to get used to how Outlook 2010 does things now. So this is a brief update on our impression of it…
My wife likes it, but has some issues. The same issues cause me to think that it is a worthless piece of crap.
- Old contacts from Windows Vista Mail were never imported. Not doing this automatically (or at least asking permission to) is just pure stupidity. What was the sense in transferring everything over from Vista in the first place? To have the old files, yes, but also to have the very same application data and configuration. Outlook 2010 is pathetic because it craps on the whole idea of maintaining a so-called “seamless” upgrade path. This is absolutely inexcusable and stands a testament to the absolute thoughtlessness and complete lack of vision of the entire Outlook development team.
- Multiple accounts?: Multiple Inboxes! This in itself is completely void of intelligence. The fact that Outlook has to have multiple inboxes for multiple email addresses and never incorporates them all into a streamlined universal inbox is beyond the realm of stupidity. This is yet another stupid task that should have been done completely automatically.
- Adding contacts is pretty awkward as well. You don’t get access to this function unless you have an email previewed. THEN you can add its contact and have access to the contacts. But not until you have an email cued-up somehow. Really? I mean, maybe the only reason I ran the damn program was to change Aunt Len’s address because she moved. And the social contacts is just in the way. My wife doesn’t participate in any social networking sites, so it is just in the way and confusing her.
Really Microsoft? With the release of Windows 7 I was finally ready to take you seriously, and more than just a necessary business toy that I was required to have and support. But Outlook 2010 can’t incorporate the simple email functionality that we have come to expect from every other email program in the world? C’MON, MAN! C’MON YOU MULTI-BILLION DOLLAR INTERNATIONAL CORPORATION! Get with it.
I already started taking Microsoft seriously when I found that their hardware products were so damn good (XBOX, mice and keyboards). But I have still been waiting a very long time for them to develop any usable software products. With Windows 7 I thought that Microsoft had started producing software that actually worked, but they have completely dropped the ball with any other software packages they produce (Expression, Publisher and IE8/9 are direct examples of this ineptness). With Outlook 2010’s pathetic featureless release I don’t really expect Microsoft to ever get what users expect out of their computing experience.
Windows 7 Mail Issues, Outlook and Office 2010 Purchase Woes
Recently, my wife Maria’s HP laptop battery went bad, and we think that toasted some chip when it got hot and the computer refused to boot properly. And of course you try everything to get the dang thing running again, so we invested a great deal of time just checking to make sure it was dead. Of course, the results were definite, and she had to replace that laptop, which was running Windows Vista. Although we originally went shopping for a cheap replacement, I think that despite the fact that her Vista based HP machine was actually a pretty expensive model, she couldn’t seem to get the features she needed with spending a few extra bucks by avoiding HP products in the hopes that her new Dell would be much more reliable (to say the very least, the dang HP didn’t even last a couple years).
As you know, when you buy a new computer it’s always a huge hassle reloading it with all the applications that you have used routinely over the last few years. Email is, of course, detrimental to business, and the Live Mail that had come with her new Windows 7 based laptop was apparently no longer downloading her mail to the server. On top of that, the simple spam detection, protection and deletion system which had previously worked so extremely well in Windows Vista Mail was apparently not working at all in the new Windows 7 laptop. Maria was spending all sorts of time deleting mail that the computer simply trashed for her, previously. And the mail server kept sending out warning messages about the size of her email box even though I finally got fed up with increasing her mailbox size and set it to infinite (we are talking about GBs of spam, here).
And spammers wonder why we hate them?
Maria had used the version of Outlook from Office for her email when she owned desktop computers previously, and Vista had come with a really nice “Mail” program for email that worked for her when she was on Vista. So, by the time all this trouble with her email started resurfacing every couple weeks we had no idea where her legal copy of Office 2007 went.
Now, of course we decided to buy a copy of Microsoft Office 2010 for Home and Student. Everywhere that I looked for this program online just showed the price and no write-up or package details. There weren’t even any reviews that I noticed. We had used other versions of Works and Office before, as well. So, when I went out shopping at the stores for the best price (as we were in a hurry to get this working and we didn’t have to wait for a package to arrive from Timbuktu), I was quite surprised to find that apparently Microsoft had changed the Office Home and Student edition and weren’t including Outlook in the package anymore. This was a pretty big deal because the reason she was buying it was to get Outlook and have Word, but without Outlook, that Home and Student bundle was pretty much worthless to her.
Now this was quite interesting, since I had some familiarity with the package. Although I don’t use it, Maria has almost always used it. And I had checked all sorts of sites, read descriptions, even visited the Microsoft Office website and read as much as I could about the package. So it was strange to me that when I arrived at Staples to start shopping for it, it was only then (right when I was staring at the actual product packaging) when I finally realized that Outlook didn’t even come with the Home & Student edition of Office 2007. Huh? We were only really buying it for email and it didn’t have it? Whoa. I guess Microsoft got smart about it and gave everyone a (really, really) crappy email client figuring that a business wouldn’t be able to handle such a pathetic program and they would all most certainly have to upgrade to a paid email client. Pretty smart, when you think of it. But I consider this type of smarts evil genius, you know what I am talking about? I mean, don’t give consumers who purchase a new Windows 7 based computer even a half-assed good email client? Win 7’s Mail Live client is absolutely pathetic. But that is what I am talking about, it’s evil genius.
Doesn’t Microsoft know that the car companies were sued for purposely engineering-in breakdowns on car parts? What ever happened to that suit, anyway? Oh yeah, we never heard anything about it after a while, did we? See? Evil genius. HP did the same thing with printer ink. I had to opt-out of that class action suit. Maybe the battery overheating and killing my wife’s Vista laptop was also an engineered issue. Absolute evil genius. I stand in awe of these fault-engineered computer time-bombs that can’t even last a couple years (but will always make it past the one-year warranty). A bow to the genius of these evil engineers.
Anyway, there was no way we were going to solve our email problem with the Office 2010 Home & Student edition. And Outlook, all by its lonesome, cost the same as the Home & Student: $120.00! We had to upgrade to the Home & Business version of Office 2010. I wound-up buying it at Staples for $180.00. It was the first place I looked, but I didn’t actually buy it until after searching the whole city for the best price because my DroidX’s Savvy Shopper app had just upgraded and wasn’t working.
I grabbed the product key from Staples since she already had Office 2010 preinstalled on her new Windows 7 Dell. I thought that the install would be a breeze because of this, and because I had already copied all of her email contacts from her Vista machine hard drive. But apparently, Outlook 2010 doesn’t even look to see if there are any contacts to import from Vista Mail? LOL… and of course, that lead to more confusion!
Then we go into the issue of the Outlook upgrade. As it has been updated for social media and community networks, just getting the dang contacts in there is apparently a chore because everything has changed. I’m hoping I can fix it by importing her contacts from the old Vista Mail program somehow, but she seems to be making do anyway now that she has spent a terrific amount of time on the computer figuring everything out. She keeps showing me the computer when I don’t have any glasses on, and I already hate Outlook so I can’t make heads or tails of anything, yet.
She should slow down so that I can jump-in to take a look soon, though.
But all this really makes you think about how badly these companies are gouging us. All this hassle just for a convenient, reliable email client for business? But when do we stop getting reamed in the butt for it? We really are dependent on technology these days, aren’t we? It is because of email that Maria needs to communicate with her students that she had to run out and buy a new computer in the first place. Otherwise she could have gone without. Computers were supposed to help us and ease our work process, not make everything more complicated, expensive and laborious. Lately these hardware and software companies have just been cramming it up our boots and I am getting pretty sore about it. Damn evil geniuses.