Month: September 2015

Password Storage Done Right

~ David Cameron ~ Leave a comment

Storing & managing passwords is really hard these days. Passwords are easier to crack. Breaches to one system mean other accounts can be exposed. Even the FBI’s most wanted can’t get it right.

Even the systems you might depend on break.

Best Practices for Passwords

Lets just review best practices for passwords:
  1. Use a complex password. A complex password is one that doesn’t include dictionary words or common phrases that might be used in a dictionary attack. This is getting hard as previously uncommon phrases can become part of a new dictionary. Ideally use a random password.
  2. Use a long password. This will help defend against dictionary attacks.
  3. Don’t use the same password. Ever. This is because if the password is broken in one system, it can be used to log into the other systems.

It needs to…

Just to make things easier, I personally use a range of platforms so I’m looking for something that runs on:
  • Windows
  • OSX
  • iOS
I also need to be able to retrieve, add and edit passwords on any platform. Changes on any one platform should sync to all other others.

It doesn’t need to…

I’m not looking for something that integrates directly into the browser. I’m concerned that something that is directly integrated into the browser is too much of a target for attack. This knocks out using something like Chrome to store passwords, aside from the issue that it can only store web based passwords.
Password based services like LastPass are also an issue, given that someone cracking LastPass can then access your entire set of passwords. These systems are a huge target.

Solution

Best practices are to use a password manager. Syncing was once a challenge, but now with platforms like google drive and dropbox are far easier.

So I use:

  1. KeePass2 – works on Windows
  2. MacPass – works on OSX
  3. KyPass3 – works on iOS
  4. Dropbox – to sync them everywhere
KyPass 3 supports syncing with a dropbox folder and the other apps just talk to the filesystem. It’s an awesome solution that lets you view / edit your passwords anywhere.

Windows 8

~ David Cameron ~ 1 Comment

Now Windows 10 has been released, I feel it’s worth putting together a highly subjective review of Windows 8.

What does it feel like?

For me, from the first preview buil, Windows 8 felt like the movie From Disk till Dawn.

For those who haven’t seen the movie, it is a collaboration between Quentin Tarantino and Robert Rodriguez. Quentin Tarantino is best known for gangster movies, Robert Rodriguez (at that time) was best known for horror movies.

The movie starts like a normal Quentin Tarantino movie, guns, hold ups, tough talk. Two fugitives are on their way to Mexico. They fight their way over the border to a bar.

Suddenly half the people in the bar turn to Vampires and the movie switches to a horror movie. The survivors band together to fight the vampires.

It’s not really one movie. It’s two movies with two directors with an abrupt transition from one to the other.

We’ve got Tarantino:

Then Rodriguez:

It’s a great movie. You should see if if you haven’t already.

Windows 8 isn’t one operating system

I do have a point here, I promise.

Windows 8 isn’t one operating system, it’s two. On one hand you’ve got the traditional windows desktop, largely the same sort of experience since Windows 98. You know, windows, desktop, explorer.

Then you’ve for the Metro Modern interface. This is the full screen, touch optimized interface.
There is zero continuity between them.

So what does it feel like?

This depends on the device you are using.

Tablet/Convertible – hey this is pretty neat
Laptop – doesn’t really make sense, but ok
Dual Screen Desktop – I want to stab someone

This didn’t really come home to me until I started using windows 8 on a dual screen desktop extensively. The metro modern interface, optimised for touch, doesn’t translate well to large screen displays. Or more than one screen.

The start screen taking over the whole screen is hugely jarring.

My pattern of usage is to start apps using Windows Key + start typing app name. Prior to Window 8, this was a relatively unobtrusive start menu. With Windows 8 it takes over the whole screen. And on a 24″ monitor I hate it.

With the release of Windows 10, it looks like Microsoft has acknowledged this.