A Windows XP help forum. PCbanter

If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below.

Go Back   Home » PCbanter forum » Windows 10 » Windows 10 Help Forum
Site Map Home Register Authors List Search Today's Posts Mark Forums Read Web Partners

Password hints and settings



 
 
Thread Tools Rate Thread Display Modes
  #31  
Old November 18th 19, 10:20 PM posted to alt.comp.os.windows-10
123456789[_3_]
external usenet poster
 
Posts: 239
Default Password hints and settings

nospam wrote:
123456789 wrote:


they [Android apps] don't work well on all chromebooks.


All Android apps don't work well on all Android devices either.

Modern apps (like Smartnews) work in either portrait
or landscape mode and give a me a full 12" laptop
widescreen display.


those are the minority.


Course. Most Android apps are designed to run in portrait
mode (phones and tablets).

Older apps (like NPR news), designed for phones and
tablets, only work in portrait mode.


just like i said, not that well.


Actually very well using tablet mode.

For those I have two choices. Turn this 2 in 1
Chromebook into tablet mode for a full screen 12"
tablet experience, or leave it in laptop mode and have
a display about the size of a 7" tablet. Still quite
usable.


'still quite usable' is another way of saying 'it doesn't
work that well, but it's tolerable'.


Many Android tablets with physical keyboards do exactly the
same thing with portrait mode apps.

chromebooks are best at running chromeos, not android
apps.


Huh? Chromebooks run the Chrome OS that in turn runs the
Android apps...

it's not as good as running android apps on an android
device.


Absolute statements are seldom true. It depends on the
Chromebook and the Android device being compared.

you might not give a **** but most people do.


Ah. Time for the insult. First man with the insult loses you
know... You can have the last word. This forum is now
returned to its rightful W10 owners...


Ads
  #32  
Old November 18th 19, 11:49 PM posted to alt.comp.os.windows-10
Ken Springer[_2_]
external usenet poster
 
Posts: 3,817
Default Password hints and settings

On 11/18/19 10:42 AM, Chris wrote:
Ken Springer wrote:
On 11/15/19 10:26 AM, Chris wrote:
On 15/11/2019 09:44, Ken Springer wrote:
On 11/15/19 1:40 AM, Chris wrote:
Ken Springer wrote:
On 11/14/19 7:51 AM, Chris wrote:
On 14/11/2019 14:36, Ken Springer wrote:
On 11/14/19 2:33 AM, Chris wrote:

I just did a W10 install on something around here, I think it was this
Mac Mini for Bootcamp.
To my surprise, and the installer login screen, there was no way to
create a local account at that point.Â* And I looked.Â* Not even any
veiled wording that might take you to Timbuktu.

So I was forced to create an MS account just to complete this install.
I did not want to use my existing account. It should be my choice to use
an MS account or a local account at this point.

I and *not* happy.

And at this point, how does a password manager store the answers and
hints, or work when you are reinstalling from the ground up?

You store them on another synced device eg a phone.


Hi, Chris.

Sorry for the late reply. Too many other things, and just too tired to
get to this.

Don't take this wrong, but I find it interesting how, in general, we now
assume someone has more than one device to sync with.Â* G

It is the norm, but you're right there are many who don't. In that case,
in terms of the pw manager, you write down your answers temporarily.
Then, when the machine is setup, input them into the password manager.
Given this is a microsoft account you are going to need the details when
logging into the store, xbox or other MS service.


That's my basic question, how to others handle this need for the details
when it's a customer they don't know?


How does knowing a customer or not have any bearing on what you do with
passwords?


We have wandered far an away from my original post. The post is not
about the passwords, but about the answers to the security questions you
need to know to reset a password.

Let's get back to the original questions. :-)

snip
2.Â* Budgetary.Â* I can't afford them anymore.Â* I do have a Tracfone,
$10.79/month.Â* More of an emergency phone than anything else.

I pay about half than that for my smartphone.


Who's your provider?


IDmobile in the UK. I pay £5 a month.


You're not paying half that. As I write this, my currency convertor
says £5 is $6.48.

3.Â* Mobile phones do not work where I live, no line of sight to the cell
towers.Â* Since I have a working landline, certainly not going to pay for
a smartphone just to have connection using wireless for a dozen phone
calls a month.Â* LOL

There are more a places where a mobile is more useable than a landline
than vice versa. Out shopping, at the restaurant, in the car, etc. The
"mobile' aspect is very useful for most people.


I would submit this is a lifestyle choice, and a choice I don't wish to
live. And I get a bit perturbed when others assume everyone is like them.

That choice makes me wonder, how much money does it add to an
individual's cost of living?


Certainly it would cheaper not to have one. Same as not having a TV, car,
landline, heating, running water, electricity, ... Nowadays a mobile phone
is practically a necessity. To use online banking in the UK, it is expected
you can receive SMS.


Doesn't "necessity" depend on your choice of lifestyle?

If a person chooses to run around in a huge area of humanity like ants
in anthill, go for it. Just don't expect me to be a lemming and follow
you around. G

4.Â* Emergency phone service.Â* Lose a cell tower, you have no mobile
phone.Â* Much harder to lose landline service.Â* You don't need the power
company for this.

They're different that's all. You can easily lose the landline due to
falling trees.


This would depend on how well your local phone company has learned about
the environment they are operating in. Have they adjusted to "lessons
learned" from the past? I wonder if PG&E has, in California.

Here, phone lines have been buried for years. Only the pedestals are
above ground.


Cost vs benefit. My old house had the phone line come in via a pole. My
current one, only a few miles away from the previous one, has the phone
line buried.


Cost vs. benefit values means more than just money, today. I think the
last thing any utility would want today is to build and/or maintain an
infrastructure that stands a better chance of putting lives at stake.

My local electric utility has a maintenance program that stresses
replacement and upgrading of the infrastructure. As a result, my area
has some of the lowest cost and most reliable electrical power of
anywhere in the state.

Some factor in that may be the electric utility is "customer owned".

A fault in the overhead line is easy to fix, but relatively likely. The
buried cable is less likely be damaged, but expensive to fix.


True, viewed in money only. Now much money do you put on the value of a
human life?

We all make our own choices and those are yours, which is fine.


People need to make smart choices, many don't. Even public services like
the Sheriff's Dept. know a landline is a smart choice here.


Your definition of "smart" may be different to others.


"Smart" depends on the operating environment. What is smart in on area
may be the wrong thing in another area.

And, ATM, more interested in how people handle this with no access to
anything else the owner may have.

That's a pretty rare occurrence. And, bringing up edge cases doesn't
really change the general utility and safety of password managers. Even
for someone with only a single PC.


Why is it a rare occurrence? Wouldn't almost every installation of W10
by a shop, for a customer they've never seen, need this information?


Not having another device is a rare occurrence.

I did some basic tutoring for a volunteer at a local social agency,
stressing passwords.

What do you recommend people do, then, regarding using and managing
their passwords?


Specifics depend on the user's situation. I would recommend different
things for a computer used by multiple individuals than I would for a
single user system, such as mine.

Trying to cover the most people with a simple answer, I would put the
passwords in a spreadsheet, save the file to a thumb drive, and leave
the drive stored somewhere. Print it and store it in a safe place if
you have a hard time remembering them, and you don't have auto-fill
turned on in your browser.


This is exactly how a password manager works except it's secure, doesn't
require any hardware, can't be lost, corrupted, or accidentally deleted and
can be use in more than one place at a time.


Anything can be lost... Virtually anything. There is no perfect system
of protections, just the ones that are best for an individual. If you
really want to be computer secure, turn the damned thing off. LOL

How does your spreadsheet solution deal with the "setting up a new windows
machine" problem you raised earlier?


This is where we've "gone off the rails" from my original post, of
providing answers to the security questions for password recovery. If
you have the answers for those security questions before setting up a
system, you don't need a spreadsheet or password manager.

From this point, what I would tell someone would vary from individual
to individual. I do like the KISS principle, though. Much easier on
your psyche. G


Agree.



--
Ken
MacOS 10.14.6
Firefox 70.0.1
Thunderbird 60.9
"My brain is like lightning, a quick flash
and it's gone!"
  #33  
Old November 19th 19, 12:09 AM posted to alt.comp.os.windows-10
nospam
external usenet poster
 
Posts: 4,718
Default Password hints and settings

In article , Ken Springer
wrote:

Trying to cover the most people with a simple answer, I would put the
passwords in a spreadsheet, save the file to a thumb drive, and leave
the drive stored somewhere. Print it and store it in a safe place if
you have a hard time remembering them, and you don't have auto-fill
turned on in your browser.


This is exactly how a password manager works except it's secure, doesn't
require any hardware, can't be lost, corrupted, or accidentally deleted and
can be use in more than one place at a time.


Anything can be lost... Virtually anything. There is no perfect system
of protections, just the ones that are best for an individual. If you
really want to be computer secure, turn the damned thing off. LOL


straw man.

How does your spreadsheet solution deal with the "setting up a new windows
machine" problem you raised earlier?


This is where we've "gone off the rails" from my original post, of
providing answers to the security questions for password recovery. If
you have the answers for those security questions before setting up a
system, you don't need a spreadsheet or password manager.


the insecurity questions normally ask about public information (e.g.
mother's maiden name, street you grew up on, what was your first car),
and not that difficult to find out for anyone sufficiently motivated.

the answers should *never* be valid answers (ideally random strings of
characters/numbers/symbols), not reused on another site and stored in a
password manager.

https://en.wikipedia.org/wiki/Sarah_Palin_email_hack
The hacker, David Kernell, had obtained access to Palin's account by
looking up biographical details such as her high school and birthdate
and using Yahoo!'s account recovery for forgotten passwords
  #34  
Old November 19th 19, 02:24 AM posted to alt.comp.os.windows-10
nospam
external usenet poster
 
Posts: 4,718
Default Password hints and settings

In article , 123456789
wrote:

they [Android apps] don't work well on all chromebooks.


All Android apps don't work well on all Android devices either.


much better than on a chromebook.



For those I have two choices. Turn this 2 in 1
Chromebook into tablet mode for a full screen 12"
tablet experience, or leave it in laptop mode and have
a display about the size of a 7" tablet. Still quite
usable.


'still quite usable' is another way of saying 'it doesn't
work that well, but it's tolerable'.


Many Android tablets with physical keyboards do exactly the
same thing with portrait mode apps.


that's not good either.

chromebooks are best at running chromeos, not android
apps.


Huh? Chromebooks run the Chrome OS that in turn runs the
Android apps...


by adding a layer, which brings compromises. there's *no* getting
around that.

some functionality might not exist at all, such as a gps or a camera
that can generate a depth map.

it's not as good as running android apps on an android
device.


Absolute statements are seldom true. It depends on the
Chromebook and the Android device being compared.


in this case it's always true, given how it's implemented.

google is working to make it better and it might be 'good enough' for
most things, but it can't be as good as native android hardware.

you might not give a **** but most people do.


Ah. Time for the insult. First man with the insult loses you
know... You can have the last word. This forum is now
returned to its rightful W10 owners...


that's not in any way an insult.
  #35  
Old November 19th 19, 12:14 PM posted to alt.comp.os.windows-10
Chris
external usenet poster
 
Posts: 832
Default Password hints and settings

Ken Springer wrote:
On 11/18/19 10:42 AM, Chris wrote:
Ken Springer wrote:
On 11/15/19 10:26 AM, Chris wrote:
On 15/11/2019 09:44, Ken Springer wrote:
On 11/15/19 1:40 AM, Chris wrote:
Ken Springer wrote:
On 11/14/19 7:51 AM, Chris wrote:
On 14/11/2019 14:36, Ken Springer wrote:
On 11/14/19 2:33 AM, Chris wrote:

I just did a W10 install on something around here, I think it was this
Mac Mini for Bootcamp.
To my surprise, and the installer login screen, there was no way to
create a local account at that point.Â* And I looked.Â* Not even any
veiled wording that might take you to Timbuktu.

So I was forced to create an MS account just to complete this install.
I did not want to use my existing account. It should be my choice to use
an MS account or a local account at this point.

I and *not* happy.

And at this point, how does a password manager store the answers and
hints, or work when you are reinstalling from the ground up?

You store them on another synced device eg a phone.

Hi, Chris.

Sorry for the late reply. Too many other things, and just too tired to
get to this.

Don't take this wrong, but I find it interesting how, in general, we now
assume someone has more than one device to sync with.Â* G

It is the norm, but you're right there are many who don't. In that case,
in terms of the pw manager, you write down your answers temporarily.
Then, when the machine is setup, input them into the password manager.
Given this is a microsoft account you are going to need the details when
logging into the store, xbox or other MS service.

That's my basic question, how to others handle this need for the details
when it's a customer they don't know?


How does knowing a customer or not have any bearing on what you do with
passwords?


We have wandered far an away from my original post. The post is not
about the passwords, but about the answers to the security questions you
need to know to reset a password.

Let's get back to the original questions. :-)

snip
2.Â* Budgetary.Â* I can't afford them anymore.Â* I do have a Tracfone,
$10.79/month.Â* More of an emergency phone than anything else.

I pay about half than that for my smartphone.

Who's your provider?


IDmobile in the UK. I pay £5 a month.


You're not paying half that. As I write this, my currency convertor
says £5 is $6.48.


I did say "about half".

3.Â* Mobile phones do not work where I live, no line of sight to the cell
towers.Â* Since I have a working landline, certainly not going to pay for
a smartphone just to have connection using wireless for a dozen phone
calls a month.Â* LOL

There are more a places where a mobile is more useable than a landline
than vice versa. Out shopping, at the restaurant, in the car, etc. The
"mobile' aspect is very useful for most people.

I would submit this is a lifestyle choice, and a choice I don't wish to
live. And I get a bit perturbed when others assume everyone is like them.

That choice makes me wonder, how much money does it add to an
individual's cost of living?


Certainly it would cheaper not to have one. Same as not having a TV, car,
landline, heating, running water, electricity, ... Nowadays a mobile phone
is practically a necessity. To use online banking in the UK, it is expected
you can receive SMS.


Doesn't "necessity" depend on your choice of lifestyle?


Sure if holding a bank account is a lifestyle choice.

If a person chooses to run around in a huge area of humanity like ants
in anthill, go for it. Just don't expect me to be a lemming and follow
you around. G


You were asking for general suggestions on how to do something. What i and
others have suggested would work for most people. What you choose is
irrelevant.

4.Â* Emergency phone service.Â* Lose a cell tower, you have no mobile
phone.Â* Much harder to lose landline service.Â* You don't need the power
company for this.

They're different that's all. You can easily lose the landline due to
falling trees.

This would depend on how well your local phone company has learned about
the environment they are operating in. Have they adjusted to "lessons
learned" from the past? I wonder if PG&E has, in California.

Here, phone lines have been buried for years. Only the pedestals are
above ground.


Cost vs benefit. My old house had the phone line come in via a pole. My
current one, only a few miles away from the previous one, has the phone
line buried.


Cost vs. benefit values means more than just money, today. I think the
last thing any utility would want today is to build and/or maintain an
infrastructure that stands a better chance of putting lives at stake.


Talk to Pacific gas. I think they'd disagree.


My local electric utility has a maintenance program that stresses
replacement and upgrading of the infrastructure. As a result, my area
has some of the lowest cost and most reliable electrical power of
anywhere in the state.

Some factor in that may be the electric utility is "customer owned".

A fault in the overhead line is easy to fix, but relatively likely. The
buried cable is less likely be damaged, but expensive to fix.


True, viewed in money only. Now much money do you put on the value of a
human life?


Er, we're talking about phone lines. Where's the relevance?

What do you recommend people do, then, regarding using and managing
their passwords?

Specifics depend on the user's situation. I would recommend different
things for a computer used by multiple individuals than I would for a
single user system, such as mine.

Trying to cover the most people with a simple answer, I would put the
passwords in a spreadsheet, save the file to a thumb drive, and leave
the drive stored somewhere. Print it and store it in a safe place if
you have a hard time remembering them, and you don't have auto-fill
turned on in your browser.


This is exactly how a password manager works except it's secure, doesn't
require any hardware, can't be lost, corrupted, or accidentally deleted and
can be use in more than one place at a time.


Anything can be lost... Virtually anything.


True, but a single, small device is far more likely to be lost than a
duplicated, backed up online file.

There is no perfect system
of protections, just the ones that are best for an individual.


I'd argue the spreadsheet on a stick is the least best option.

If you
really want to be computer secure, turn the damned thing off. LOL


Don't forget to throw it out the window


How does your spreadsheet solution deal with the "setting up a new windows
machine" problem you raised earlier?


This is where we've "gone off the rails" from my original post, of
providing answers to the security questions for password recovery.


How is this off the rails? You don't like password managers and you have a
specific reason for it. However, your preferred option is no better in that
scenario either.

If
you have the answers for those security questions before setting up a
system, you don't need a spreadsheet or password manager.


How will you remember the answers when you need to recover your password,
then? Needing password recovery is not a common situation so forgetting the
recovery answers is a very real prospect.


  #36  
Old November 19th 19, 04:19 PM posted to alt.comp.os.windows-10
Ken Springer[_2_]
external usenet poster
 
Posts: 3,817
Default Password hints and settings

On 11/19/19 4:14 AM, Chris wrote:
Ken Springer wrote:
On 11/18/19 10:42 AM, Chris wrote:
Ken Springer wrote:
On 11/15/19 10:26 AM, Chris wrote:
On 15/11/2019 09:44, Ken Springer wrote:
On 11/15/19 1:40 AM, Chris wrote:
Ken Springer wrote:
On 11/14/19 7:51 AM, Chris wrote:
On 14/11/2019 14:36, Ken Springer wrote:
On 11/14/19 2:33 AM, Chris wrote:


snip?

You were asking for general suggestions on how to do something. What i and
others have suggested would work for most people. What you choose is
irrelevant.


With all due respect, Chris, I was not asking how to do something in
general. I was asking how others handled answering questions that are
obviously personal choices of a system's user/owner.

Here's my original post, in it's entirely:

On 11/12/19 8:15 AM, Ken Springer wrote: This is just curiosity on my part...

For those of you who work in the industry as a job/profession, how do
you handle making the settings and answering password hint questions?

Some examples of what I'm referring to:

1. When you install W10, you're asked 7 or 8 questions, like Inking on
or off, location on or off, diagnostic sending on on or off, etc. Do you
talk to your customer about those settings before you do the install?
Explaining what they do and mean? These are the things I don't think
the usual users knows anything about, yet we'll comment about the
ignorance of the user. If we don't talk to the user about these
situations, aren't we just perpetuating that ignorance?

2. Similarly, the answers to security questions you have to know to
recover passwords. I just did an install for a friend, and I just used
random answers, and gave her the answers printed on paper. Upset, is an
accurate reaction. "I'll never remember those!" LOL I changed them.
:-) A worse case scenario are those situations where you have to
provide both question and answer.

3. What do you do for situations where the settings created by the
install seemingly make no sense? For example, I've had the odd occasion
where System Restore was turned on, but no space was created for the
restore points.

Much of my employment history is general aviation, mechanic. Pilots
have checklists to use. Mechanics have checklists for inspections to
use. OT, I found most of the manufacturer's checklists for inspections
to be useless, so I made my own.

Prior to W10, I had similar checklists for W7 and before, so my work
would be consistent. I keep telling myself to make one for W10, but I
never get it done. LOL And while writing this, I've got 3 laptops here
I didn't remember check the System Restore situation.

Maybe, just maybe, I should get off my butt and make the checklist! LOL


--
Ken
MacOS 10.14.6
Firefox 70.0.1
Thunderbird 60.9
"My brain is like lightning, a quick flash
and it's gone!"


In no place did I ask about how to manage passwords. The first two
questions are how people handled answering questions that are obviously
the individuals choice, not a tech's.

The last question was how people handle a setting that was created by an
install that obviously makes no sense. In the case of the third
question, do people generally turn off System Restore, or reserve space
for restore points.

How people choose to manage their passwords is up to them, and they will
do what "fits" them.

snip

Cost vs. benefit values means more than just money, today. I think the
last thing any utility would want today is to build and/or maintain an
infrastructure that stands a better chance of putting lives at stake.


Talk to Pacific gas. I think they'd disagree.


I'm not so sure the decisions made have been left totally to PG&E and
others. I've seen news reports stating that some laws in California are
structured to force PG&E and others into doing things so that renewable
energy is more "enticing" to the customer who looks at the cost.

Sometimes, I just don't understand people. PG&E, and I suspect other
companies, turn off electricity in an area so a wildfire isn't caused by
their equipment, potentially saving homes, and people complain.

My local electric utility has a maintenance program that stresses
replacement and upgrading of the infrastructure. As a result, my area
has some of the lowest cost and most reliable electrical power of
anywhere in the state.

Some factor in that may be the electric utility is "customer owned".

A fault in the overhead line is easy to fix, but relatively likely. The
buried cable is less likely be damaged, but expensive to fix.


True, viewed in money only. Now much money do you put on the value of a
human life?


Er, we're talking about phone lines. Where's the relevance?


Doing it the "cheap" way potentially puts more people's lives at risk,
due to increased possibility of no means for emergency notifications.

snip

Anything can be lost... Virtually anything.


True, but a single, small device is far more likely to be lost than a
duplicated, backed up online file.


True, if you're willing to put your data in the hands of someone else.
In my case, I prefer to keep all my data in my hands, not someone
else's. If I lose something, I bear 100% of the responsibility, no one
else to accuse or wonder about. And I'm willing to accept that
responsibility.

Obviously, an individual has no control over data stored by others.
Since I have no control over that data, I don't worry about it.

There is no perfect system
of protections, just the ones that are best for an individual.


I'd argue the spreadsheet on a stick is the least best option.


There's at least one least best option, a spiral notebook in the desk,
the book has a half-dozen passwords for a site, and the user doesn't
know which one is current. shaking head But as I said, users will do
what fits them, regardless of what we recommend.

If you
really want to be computer secure, turn the damned thing off. LOL


Don't forget to throw it out the window


Shall we crush it by driving a bulldozer over it too? LOL

How does your spreadsheet solution deal with the "setting up a new windows
machine" problem you raised earlier?


This is where we've "gone off the rails" from my original post, of
providing answers to the security questions for password recovery.


How is this off the rails? You don't like password managers and you have a
specific reason for it. However, your preferred option is no better in that
scenario either.


It's off the rails because it had nothing to do with my original questions.

If
you have the answers for those security questions before setting up a
system, you don't need a spreadsheet or password manager.


How will you remember the answers when you need to recover your password,
then? Needing password recovery is not a common situation so forgetting the
recovery answers is a very real prospect.


My original questions had to do with the OS installation, not passwords
to individual's accounts at a bank, school, etc. The security questions
are all personal, such as "What's your mother's maiden name?", and if
you can't remember those answers, maybe you should crush the computer
with a bulldozer. G


--
Ken
MacOS 10.14.6
Firefox 70.0.1
Thunderbird 60.9
"My brain is like lightning, a quick flash
and it's gone!"
  #37  
Old November 19th 19, 05:58 PM posted to alt.comp.os.windows-10
Frank Slootweg
external usenet poster
 
Posts: 1,226
Default Password hints and settings

123456789 wrote:
nospam wrote:
123456789 wrote:


they [Android apps] don't work well on all chromebooks.


All Android apps don't work well on all Android devices either.


No ****!? :-)

Modern apps (like Smartnews) work in either portrait
or landscape mode and give a me a full 12" laptop
widescreen display.


those are the minority.


Course. Most Android apps are designed to run in portrait
mode (phones and tablets).


Well, for my tens and tens of apps, they're the *majority*. All but
one work fine in both portrait and landscape mode. The one insists on
portrait mode, also on a tablet.

But that's just me. Of course nospam knows best.

[More wresting with the resident compulsive arguer deleted.]
  #38  
Old November 19th 19, 07:29 PM posted to alt.comp.os.windows-10
nospam
external usenet poster
 
Posts: 4,718
Default Password hints and settings

In article , Ken Springer
wrote:

Sometimes, I just don't understand people. PG&E, and I suspect other
companies, turn off electricity in an area so a wildfire isn't caused by
their equipment, potentially saving homes, and people complain.


only pg&e is stupid enough to do that ****.

people complain because the shutdown was done purely for political
reasons, not for safety.

the shutdown put millions of people at risk, particularly those who
need power for medical equipment to stay alive, such as supplemental
oxygen.

it also caused substantial financial losses for many, many businesses
and families.

not surprisingly, pg&e cannot be sued for recovery.


Some factor in that may be the electric utility is "customer owned".

A fault in the overhead line is easy to fix, but relatively likely. The
buried cable is less likely be damaged, but expensive to fix.

True, viewed in money only. Now much money do you put on the value of a
human life?


Er, we're talking about phone lines. Where's the relevance?


Doing it the "cheap" way potentially puts more people's lives at risk,
due to increased possibility of no means for emergency notifications.


yet another reason why a power shutdown was a really stupid idea.


Anything can be lost... Virtually anything.


True, but a single, small device is far more likely to be lost than a
duplicated, backed up online file.


True, if you're willing to put your data in the hands of someone else.
In my case, I prefer to keep all my data in my hands, not someone
else's. If I lose something, I bear 100% of the responsibility, no one
else to accuse or wonder about. And I'm willing to accept that
responsibility.


except that is a substantially higher risk.

Obviously, an individual has no control over data stored by others.
Since I have no control over that data, I don't worry about it.


false. people have full control over it.

There is no perfect system
of protections, just the ones that are best for an individual.


I'd argue the spreadsheet on a stick is the least best option.


There's at least one least best option, a spiral notebook in the desk,
the book has a half-dozen passwords for a site, and the user doesn't
know which one is current. shaking head But as I said, users will do
what fits them, regardless of what we recommend.


that is by far, the worst possible option.

there are no backups of a paper notebook, and if it's destroyed in a
fire or flood or even mistakenly thrown away, you will be instantly
locked out of everything.




If
you have the answers for those security questions before setting up a
system, you don't need a spreadsheet or password manager.


How will you remember the answers when you need to recover your password,
then? Needing password recovery is not a common situation so forgetting the
recovery answers is a very real prospect.


My original questions had to do with the OS installation, not passwords
to individual's accounts at a bank, school, etc. The security questions
are all personal, such as "What's your mother's maiden name?", and if
you can't remember those answers, maybe you should crush the computer
with a bulldozer. G


using real answers is an incredibly stupid idea.

mother's maiden name is public record and one of the *easiest* things
for someone to find.

*always* use fake answers and put them in a password manager.
  #39  
Old November 19th 19, 07:39 PM posted to alt.comp.os.windows-10
Ken Springer[_2_]
external usenet poster
 
Posts: 3,817
Default Password hints and settings

On 11/19/19 11:29 AM, nospam wrote:
the shutdown put millions of people at risk, particularly those who
need power for medical equipment to stay alive, such as supplemental
oxygen.


And here is where modern society fails. Damned if you do, damned if you
don't.

--
Ken
MacOS 10.14.6
Firefox 70.0.1
Thunderbird 60.9
"My brain is like lightning, a quick flash
and it's gone!"
  #40  
Old November 19th 19, 10:53 PM posted to alt.comp.os.windows-10
Chris
external usenet poster
 
Posts: 832
Default Password hints and settings

Ken Springer wrote:
On 11/19/19 4:14 AM, Chris wrote:
Ken Springer wrote:
On 11/18/19 10:42 AM, Chris wrote:
Ken Springer wrote:
On 11/15/19 10:26 AM, Chris wrote:
On 15/11/2019 09:44, Ken Springer wrote:
On 11/15/19 1:40 AM, Chris wrote:
Ken Springer wrote:
On 11/14/19 7:51 AM, Chris wrote:
On 14/11/2019 14:36, Ken Springer wrote:
On 11/14/19 2:33 AM, Chris wrote:


snip?

You were asking for general suggestions on how to do something. What i and
others have suggested would work for most people. What you choose is
irrelevant.


With all due respect, Chris, I was not asking how to do something in
general. I was asking how others handled answering questions that are
obviously personal choices of a system's user/owner.


Hence the suggestion of password managers. See below.

snip


Talk to Pacific gas. I think they'd disagree.


I'm not so sure the decisions made have been left totally to PG&E and
others. I've seen news reports stating that some laws in California are
structured to force PG&E and others into doing things so that renewable
energy is more "enticing" to the customer who looks at the cost


Sometimes, I just don't understand people. PG&E, and I suspect other
companies, turn off electricity in an area so a wildfire isn't caused by
their equipment, potentially saving homes, and people complain.


When their lack of investment in resilience and maintenance is responsible
for causing catastrophic fires and they still refuse to fix things then
people are entitled to complain.

Proper regulation wouldn't allow this.


A fault in the overhead line is easy to fix, but relatively likely. The
buried cable is less likely be damaged, but expensive to fix.

True, viewed in money only. Now much money do you put on the value of a
human life?


Er, we're talking about phone lines. Where's the relevance?


Doing it the "cheap" way potentially puts more people's lives at risk,
due to increased possibility of no means for emergency notifications.


That's a bit of a reach.

snip

Anything can be lost... Virtually anything.


True, but a single, small device is far more likely to be lost than a
duplicated, backed up online file.


True, if you're willing to put your data in the hands of someone else.
In my case, I prefer to keep all my data in my hands, not someone
else's. If I lose something, I bear 100% of the responsibility, no one
else to accuse or wonder about. And I'm willing to accept that
responsibility.

Obviously, an individual has no control over data stored by others.
Since I have no control over that data, I don't worry about it.


Obviously you don't know how password managers work.

I have complete control over my passwords. I'm not beholden to anything and
i can choose how my passwords are used and synced.


If
you have the answers for those security questions before setting up a
system, you don't need a spreadsheet or password manager.


How will you remember the answers when you need to recover your password,
then? Needing password recovery is not a common situation so forgetting the
recovery answers is a very real prospect.


My original questions had to do with the OS installation, not passwords
to individual's accounts at a bank, school, etc. The security questions
are all personal, such as "What's your mother's maiden name?", and if
you can't remember those answers, maybe you should crush the computer
with a bulldozer. G


You should never answer those questions truthfully. They're simply
challenge response questions. There's no need for the third party to know
such personal information, especially if the questions are common to
multiple sites.

What happens when site A is comprised and site B has very similar
questions?
https://www.wired.com/2016/09/time-k...-answer-lies/#

Plus, some questions may have vague answers or are impossible to answer.
Favourite colour? Not sure. First foreign country you visited? Also not
sure. First car? Never had one. Your mother's maiden name? Which mother?
Etc.

Best to use made-up answers and store them. That's my point and that's how
you deal with people you don't know; you don't need to know them.

  #41  
Old November 19th 19, 11:50 PM posted to alt.comp.os.windows-10
Ken Blake[_7_]
external usenet poster
 
Posts: 569
Default Password hints and settings

On 11/19/2019 2:53 PM, Chris wrote:
Ken Springer wrote:
On 11/19/19 4:14 AM, Chris wrote:
Ken Springer wrote:
On 11/18/19 10:42 AM, Chris wrote:
Ken Springer wrote:
On 11/15/19 10:26 AM, Chris wrote:
On 15/11/2019 09:44, Ken Springer wrote:
On 11/15/19 1:40 AM, Chris wrote:
Ken Springer wrote:
On 11/14/19 7:51 AM, Chris wrote:
On 14/11/2019 14:36, Ken Springer wrote:
On 11/14/19 2:33 AM, Chris wrote:


snip?

You were asking for general suggestions on how to do something. What i and
others have suggested would work for most people. What you choose is
irrelevant.


With all due respect, Chris, I was not asking how to do something in
general. I was asking how others handled answering questions that are
obviously personal choices of a system's user/owner.


Hence the suggestion of password managers. See below.

snip


Talk to Pacific gas. I think they'd disagree.


I'm not so sure the decisions made have been left totally to PG&E and
others. I've seen news reports stating that some laws in California are
structured to force PG&E and others into doing things so that renewable
energy is more "enticing" to the customer who looks at the cost


Sometimes, I just don't understand people. PG&E, and I suspect other
companies, turn off electricity in an area so a wildfire isn't caused by
their equipment, potentially saving homes, and people complain.


When their lack of investment in resilience and maintenance is responsible
for causing catastrophic fires and they still refuse to fix things then
people are entitled to complain.

Proper regulation wouldn't allow this.


A fault in the overhead line is easy to fix, but relatively likely. The
buried cable is less likely be damaged, but expensive to fix.

True, viewed in money only. Now much money do you put on the value of a
human life?

Er, we're talking about phone lines. Where's the relevance?


Doing it the "cheap" way potentially puts more people's lives at risk,
due to increased possibility of no means for emergency notifications.


That's a bit of a reach.

snip

Anything can be lost... Virtually anything.

True, but a single, small device is far more likely to be lost than a
duplicated, backed up online file.


True, if you're willing to put your data in the hands of someone else.
In my case, I prefer to keep all my data in my hands, not someone
else's. If I lose something, I bear 100% of the responsibility, no one
else to accuse or wonder about. And I'm willing to accept that
responsibility.

Obviously, an individual has no control over data stored by others.
Since I have no control over that data, I don't worry about it.


Obviously you don't know how password managers work.

I have complete control over my passwords. I'm not beholden to anything and
i can choose how my passwords are used and synced.


If
you have the answers for those security questions before setting up a
system, you don't need a spreadsheet or password manager.

How will you remember the answers when you need to recover your password,
then? Needing password recovery is not a common situation so forgetting the
recovery answers is a very real prospect.


My original questions had to do with the OS installation, not passwords
to individual's accounts at a bank, school, etc. The security questions
are all personal, such as "What's your mother's maiden name?", and if
you can't remember those answers, maybe you should crush the computer
with a bulldozer. G


You should never answer those questions truthfully.



That's not bad advice, *if* you can remember the made-up answers. For
many people, that wouldn't work. The reason for such questions is that
most of us can easily remember the answers to them.

My memory s terrible. I always answer those questions truthfully.


They're simply
challenge response questions. There's no need for the third party to know
such personal information, especially if the questions are common to
multiple sites.

What happens when site A is comprised and site B has very similar
questions?
https://www.wired.com/2016/09/time-k...-answer-lies/#

Plus, some questions may have vague answers or are impossible to answer.
Favourite colour? Not sure. First foreign country you visited? Also not
sure. First car? Never had one. Your mother's maiden name? Which mother?
Etc.




I can answer all of the questions you cite without a problem. But not
everyone can. That's why you usually get a choice of questions. Don't
have a favorite color? Don't choose that question. And so on.


--
Ken
  #42  
Old November 20th 19, 12:37 AM posted to alt.comp.os.windows-10
nospam
external usenet poster
 
Posts: 4,718
Default Password hints and settings

In article , Ken Blake
wrote:

My original questions had to do with the OS installation, not passwords
to individual's accounts at a bank, school, etc. The security questions
are all personal, such as "What's your mother's maiden name?", and if
you can't remember those answers, maybe you should crush the computer
with a bulldozer. G


You should never answer those questions truthfully.



That's not bad advice, *if* you can remember the made-up answers. For
many people, that wouldn't work. The reason for such questions is that
most of us can easily remember the answers to them.


there's no need to remember anything when the answers are in a password
manager.

My memory s terrible. I always answer those questions truthfully.


then your risk of being hacked is significantly higher.

the answers are usually public data or can be easily found in other
ways.
 




Thread Tools
Display Modes Rate This Thread
Rate This Thread:

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off






All times are GMT +1. The time now is 11:22 AM.


Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Copyright ©2004-2024 PCbanter.
The comments are property of their posters.