Daily Cup of Tech

I’ve been on people’s cases lately about having strong passwords.  There are really two issues related to strong passwords:

1. Creating strong passwords
2. Preventing strong passwords from becoming weak

What Makes Passwords Weak?

Let’s start by looking at what makes passwords weak. Then, we can strengthen passwords by avoiding these issues.

Common Dictionary Words

If a word is in the dictionary (including those in other languages) then chances are it is in a brute force attack dictionary.  This means that it is really just a matter of time before your password is hacked.

This also includes variations of dictionary words:

• reversed words (e.g. drowssap)
• mixed capitalization (e.g. PaSsWoRd)
• character/symbol replacement (e.g. pa$$word)
• removed vowels (e.g. psswrd)

Based on Common Names

Common names are, just that, common.  This makes them easily guessable.  So, “bobpassword” is probably not a good idea.

Based on User/Account Name

Let’s say you have a user name of “username1234″.  I would not suggest using any of the following passwords:

• password1234
• username12345
• username5678
• user1234name

Too Short

If your password is under seven characters, it is not long enough.  ‘Nuff said.

Based on Keyboard Patterns

A password that is just a series of keystrokes along the keyboard is probably not the best idea for a password.  Check out some of these passwords on your keyboard and you will quickly see why they are bad news:

• qwerty
• 1qaz2wsx3edc
• 0-p[l;,.
• !@#$1234
• z,alqp1-

Only Use One Symbol Type

It is really tempting to create a password that is all letters.  Let’s face it, this is how we are wired!  But, it also greatly limits the number of possible passwords.  For example, if you have a seven character password made up of only lower case letters, there are 8,031,810,176 possible passwords.  But, if you add in uppercase letters, numbers, and punctuation characters, there are suddenly 64,847,759,419,264 potential passwords, making the password significantly more difficult to discover!

Difficult to Remember

I am going to give you one password that would be practically impossible to crack!  Ready?  Here it is:

\Oj?Ix4MH%xy}5xTpu@+NkMZ2)C09IE:Rrr}6E7;$::]aH|YH8`]U38%cHUe\lL|w?D6ms:T.mT9L”YV0$#843Rl-$xkA9JQV|Z7-eG]”T+O&glxb]{xW9*D^5′f.}4x[(;b}_bEXQQ;y<”VcY:FVah1,Q%’Cv=h8Ktq~=?~’7Bgt6c}w)n&mtPyUJfiXy”3R>J5″ZD2clmW?@D$T0″eL#’v09X({MVc(c!>{k4N[@’;`CA0oK5$3N{)apz*l’A;lbRpu^eiI06T_5″|%>XfBiyKYpVcvq4p”EL<(\W8wNP,54SIg27Ub|wJ”%#NOt*{0_RHeYZ,+AJ)~XsyppsJ)B|P/\xi’IGX^2[.6

Now, all you need to do is memorize it and you are set!

I can guarantee you that nobody will ever use this as their password!  It is simply way too long!  If you can’t memorize a password, then it is as good as useless!

Strong Password Characteristics

So, now that we know what makes a weak password, how do we make a strong password?

Strong passwords should all have the following characteristics:

• contain at least one of each of the following:

1. digit (0..9)
2. letter (a..Z)
3. punctuation symbol (e.g., !)
4. control character (e.g., ^s, Ctrl-s)

• are based on a verse (e.g., passphrase) from an obscure work where the password is formed from the characters in the verse. e.g., “Iafyd$,t,ta!” is derived from the phrase “If at first you don’t succeed, try, try again!“
• are easily remembered by you but very difficult (preferably impossible) for others to guess

Making Strong Passwords Weak

Even if you have a strong password, there are a number of things that many people do to make it less effective:

1. Recycling passwords.  Do not use the same password over and over again when you need to change it.
2. Recording passwords.  As tempting as it may be, putting your password on a sticky note on the side of your monitor is a definite no-no.
3. Using The Same Password On Multiple Systems.  Almost everyone is guilty of doing this.  You come up with a great password and then proceed to use it for your e-mail, computer account, Facebook, etc. password.  While this makes it really easy to remember the password, if someone figures it out, then they have access to everything!

Password Creation Worksheet

As a way to make your life easier, I have created a worksheet that you can download and print off that will help you to create a strong password.  I have also included a completed example.  I strongly recommend that you print a number of these worksheets out and have them handy the next time that you need to create a password.

If you are looking for a good starting phrase, may I suggest a nice, long quote from your favorite movie?

Related articles:

• Tonyvirtual: How tough do you think your password is?
• How Long Does it take for an Home Computer to Break your Password
• Cracking Passwords Test
• Password Management/Generators And Tips
• Dictionary Attacks 101
• Passwords: Most People Do It Wrong

Trackback link - http://www.dailycupoftech.com/2009/02/17/creating-and-keeping-strong-passwords/trackback/

I recently received an e-mail from Sam J. with a question about flash drives:

Is their any way to record the user name of every person who has used your flash drive?

While there is no fool proof way of doing it, you could try a combination of autorun.inf files and batch file.

Create an autorun.inf file on the root of your flash drive with the following contents:

[autorun]
open=getusers.bat
action=Open folder to view files

Next, create a batch file called getusers.bat with the following contents:

@echo off
echo %username%>>users.txt

When a user puts your flash drive into their computer, it pop up with an autoplay option indicating that they are to click on the icon to open the folder to view files.  A small black box will pop up briefly and then disappear.  If you go into the root of the drive, you will find a new file called users.txt.  If you open this file, it wil contain the user names of all the users who have accessed your drive by clicking on the icon.

This is, of course, not a fool proof method as all someone has to do is bypass the autoplay feature and their name is not recorded or they can delete the users.txt file but this is at least a proof of concept.

Trackback link - http://www.dailycupoftech.com/2008/11/10/tracking-flash-drive-users/trackback/

Windows has had a search option for a very long time. The problem that I have with it is two-fold:

1. It is slow
2. The indexer is a real
3. resource hog

So, a long time ago, I learned how to index all of the files on my computer that provides me with accurate results in a fraction of the time. And, the index is completely portable so I can keep a copy of the index on my USB drive so that I can tell my wife exactly where that file is on my computer at home that I need at work.

How exactly is this done? Read on.

Create the Index

The index is really nothing more than a text file listing every single file that is on your computer’s hard drive. To create the index, simple go to a command prompt and type the following:

dir c:\ /s /b>>fileindex.txt

Wait for a couple of seconds and it will be done. If you want to add more hard drives to the index, simply retype the command and change the c: drive letter in the command to the other drive letter you want to index.

Search the Index

The next step is to search the file index for a file you are looking for. Let’s say you are looking for a file with the word “accounting” in it. You would use the following command to get a list of all the files with the work “accounting” in them:

find "accounting" fileindex.txt

You will instantly get the results. No waiting!

Updating the Index

Since it is so quick and easy to build the index, to update the index all you need to do is delete the fileindex.txt file and recreate the index just like you did earlier.

Suggestions

What you may want to do to simplify the process is create a couple of batch files to simplify the process. For example, you could create a batch file called MakeIndex.bat that would delete the fileindex.txt file and then rebuild it with information from all of your hard drives. This file may look something like this:

@echo off
del fileindex.txt
dir c:\ /s /b>>fileindex.txt
dir d:\ /s /b>>fileindex.txt

You could also create a file called WhereIs.bat that will find your files easier for you. It might look something like this:
@echo off
find %1 fileindex.txt

Now, all you would have to type is:

WhereIs "accounting"

This will give you the same results!

Trackback link - http://www.dailycupoftech.com/2008/08/28/diy-file-index/trackback/

There are several situations where it would be to your benefit to listen to a WAV file rather than read a text file.

• When you are driving home.
• Someone who is visually impaired.
• You do not want the contents of a text file edited.

So, I started looking into how difficult it would be to create such a program. As it turns out, not very difficult.

I used AutoIT to create a simple executable that lets you either double click on the program and select a text file or drop a text file right on it. It will then automatically create a WAV file with the same name in the same folder as your original file.

You can download the MakeWAV application for free.

Also, if you are interested, here is the source code that you can copy and compile to make your own application. It’s open source so have fun!

#NoTrayIcon

Opt("MustDeclareVars", 1)
Dim $strTXTFile ;Name of the text file to convert to a WAV
Dim $strWAVFile ;Name of the WAV file to create
Dim $strTextData ;Text information to convert to a

WAV file

If $CmdLine[0] > 0 Then
$strTXTFile = $CmdLine[1]
Else
$strTXTFile = FileOpenDialog("Select Text File...", @MyDocumentsDir, "All (*.*)|Text files (*.txt;*.csv;*.log;*.msg;*.asc)", 1)
EndIf

If Not FileExists($strTXTFile) Then Exit

$strWAVFile = StringLeft($strTXTFile, StringLen($strTXTFile) - 3) & "wav"
$strTextData = FileRead($strTXTFile)
SplashTextOn("", "Creating WAV file. Please be patient.", 275, 20, -1, -1, 1)
_MakeWAV($strTextData, $strWAVFile)

Func _MakeWAV($strSentence, $strFileName)
Dim $oVoice ;SAPI voice object
Dim $oFilestream ;SAPI file stream object
$oVoice = ObjCreate("SAPI.SpVoice")
$oFilestream = ObjCreate("SAPI.SpFileStream")
$oFilestream.Open($strFileName, 3, False)
$oVoice.AudioOutputStream = $oFilestream
$oVoice.Speak($strSentence)
$oFilestream.Close
$oFilestream = 0
$oVoice = 0
EndFunc ;==>_MakeWAV

Trackback link - http://www.dailycupoftech.com/2008/08/27/convert-text-into-wav-files/trackback/

I have been racking my brains for some time now trying to figure out a better way for people to interact with the information overload that is constantly coming at them. One of the ways that I have discovered is through augmented reality. And now, there are even tools that are available for free that can help with this.

Microsoft has released some technology that, when combined with heads up displays and GPS tracking could provide a very useful and informative way of seeing the world. When you combine the mapping capabilities of Virtual Earth with trueSpace, a 3D development environment, you can modify the way you see the virtual world.

Now, take this modified virtual world and add a heads up display in the form of glasses which interacts with very precise GPS systems, you have a very good start at something amazing!

Here is a demo that has been put together to show what a trueSpace building looks like in Virtual Earth:

The implications of something like this are astronomical! Some potential uses include:

• Tourist attractions to historical areas showing where building once existed
• Military real-time monitoring of a remote mission
• Real estate agents showing future expansion and growth of a neighborhood
• Architectural businesses performing a virtual walk-through of future building

Trackback link - http://www.dailycupoftech.com/2008/08/12/reality-20-like-the-real-world-only-better/trackback/