For me it’s the paranoia surrounding webcams. People outright refuse to own one and I understand, until they go on and on about how they’re being spied. Here’s the secret - unplug the damn thing when you think you won’t use it or haven’t used it in a while.
They, whoever it is, can’t really spy on you on something that’s already off and unplugged!
Rebooting your PC really does fix a lot of issues.
But in Windows, you have to go to a sub-sub-sub-menu of the old control panel, click on a button called “choose what closing the lid does”, then on “change settings that are currently unavailable” and then disable “fast startup (recommended)”, just to get your pc to reboot properly.
Press windows D to go to desktop and press alt F4 until you get the shutdown menu.
Here’s an even easier hack than all of that :effort:
Just hold the power button down for about 10 seconds, ez-pz
I call this one forbidden knowledge because I see it so little in public, but I’m sure it’s well known in privacy communities: A password like “I have this really secure password that I type into computers sometimes” is a much stronger and easier to memorize password than “aB69$@m”. It seems more often than not I find networks where the SSID is a better password than the WPA key.
“correct horse battery staple” remains firm in my memory
I agree but I think the problem is that some apps/sites have strict password requirements, which usually includes adding upper-case, symbols, numbers, and then limits the length even sometimes…
At my previous bank the password had to be a 5 digit PIN code…
At one point, Charles Schwab allowed a password of infinite length, but SILENTLY TRUNCATED ALL PASSWORDS TO 8 DIGITS.
This is something I sent a few angry emails about wherever I could find an opportunity.
Which is funny because those strict rules reduce the number of combinations an attacker has to guess from, thereby reducing security.
Provably false. That’s only true if the rules specify some really wacky requirements which I haven’t seen anywhere except in that one game about making a password.
Think about it this way. If you have a password of maximum length two which only accepts lowercase letters, you have 26 choices for the first character & 26 for the next. Each of the 26 characters in the first spot can be combined with any of the 26 characters in the second spot, so 26 * 26 = 676 possible passwords.
By adding uppercase letters (for a total of 52 characters to choose from), you get 52 * 52 = 2704 possible passwords. It increases significantly if you increase the length beyond two or can have more than just upper & lowercase letters.
Computers have gotten so efficient at generating & validating passwords that you can try tens of thousands of passwords in a minute, exhausting every possible two-letter password in seconds starting with
aaand ending withZZ.The only way you would decrease the number of possible passwords is if you specified that the character in a particular spot had to be uppercase, but I’ve never seen a password picker say “your fourth character must be a lowercase letter”.
By adding uppercase letters (for a total of 52 characters to choose from), you get 52 * 52 = 2704 possible passwords.
You don’t add them, you enforce at least one. That eliminates all combinations without upper case letters.
So, without this rule you would indeed have the 52x52 possible passwords, but with it you have (52x52)-(26x26) possible passwords (the second bracket is all combinations of 2 lowercase letters), which is obviously less.
The only way you would decrease the number of possible passwords is if you specified that the character in a particular spot had to be uppercase
Wrong. In your example, for any given try, if you have put a lowercase letter in spot 1, you don’t need to try any lowercase in spot 2.
Any information you give the attacker eliminates possible combinations.
I think I’m confused on your point.
I interpreted your statement to mean “adding a requirement for certain types of characters will decrease the number of possible passwords compared to no requirements at all”, which is false. Even in your example above, with only two letters, no numbers / special characters allowed, requiring a capital letter decreases the possibilities back to the original 676 possible passwords - not less.
Perhaps you’re trying to say that passwords should all require certain complexity, but without broadcasting the password requirements publicly? I suppose that’s a valid point, but I don’t think the tradeoff of time required to make that secure is worth the literal .000001% (I think I did the math right) improvement in security.
Even in your example above, with only two letters, no numbers / special characters allowed, requiring a capital letter decreases the possibilities back to the original 676 possible passwords - not less.
No it doesn’t. It reduces the possibilities to less than the 52x52 possibilities that would exist if you allowed all possible combinations of upper and lower case letters.
You are confused because you only see the two options of enforcing or not allowing certain characters. All characters need to be allowed but none should be enforced. That maximizes the number of possible combinations.
that passwords should all require certain complexity, but without broadcasting the password requirements publicly?
No, because that’s still the same. An attacker can find out the rules by creating accounts and testing.
the SSID is a better password than the WPA key
This is an insult I am definitely saving for later
I agree - I do use passphrases in some critical cases which I don’t want to store in a password manager.
However, I believe passphrases are theoretically more susceptible to sophisticated dictionary type attacks, but you can easily mitigate it by using some less-common 1337speak character replacements.
Highly recommend a password manager though - it’s much easier to remember one or two complex master keyring passwords & the random generated passwords will easily satisfy any application’s complexity requirements.
An ad blocker, on desktop and phone.
It blocks annoying ads and also protects you against malware (malvertisement).
Reboot fixes a ton of issues.
And if that doesn’t work check the physical connection by unplugging it and plugging it back in.
“Stuck on boot loop”
Have you tried turning it off and on again?
Removed by mod
Youtube has helped me save on so many home repairs. 400 service calls become a 30 part and an afternoon of taking the dryer apart with video guides.
If you don’t have your files on another physical location you can show me, you don’t have a backup, you don’t own your files, you basically give your “digital life” to someone else.
The other day, I was chatting on a Discord server about how people manage their photos, which keep piling up each year. I asked which cloud service they use, and one person replied, ‘Save them offline.’ That really struck me because I haven’t invested in offline storage devices in years, and I realized I wasn’t storing anything offline.
This touched me deep
I’m surprised by how many people use Overleaf for writing LaTeX instead of installing something locally. It’s not that hard, guys. And the experience can be infinitely better as you can actually customize it however you want.
I have a webcam that we use when we’re not home for longish periods. It’s unplugged when we’re here. Also, it is connected to my own server, not some corporate cloud crap.
Password managers. People will use anything but that: paper, notes app (without any security), using the same password everywhere…
Honestly, just Googling (or DuckDuckGo-ing) things. I tend to be the “tech person” that people ask about their computer problems quite often, and 9/10 times I just copy-paste the error code into the search bar and it tells me what to do. I’m not secret about it either, I’m like you can literally just Google it and it’ll usually work. But people still seem to think it’s magic lol.
There’s a hidden skill in there that allows you to filter out the bullshit/scam/unhelpful solutions and zero in on the helpful, legitimate stuff.
My colleague (we work in web dev) will literally sit there staring at an error message but apparently not reading it, and then he’ll open ChatGPT and start asking it what to do. The fucker never even Googles error messages, it’s an absolute nightmare.
ChatGPT can be super useful, but I’m kind of worried about people learning to use it exclusively.
I tried helping a PhD student assemble a set up for measuring transistors. He used ChatGPT to do all the code for the software control (python), which is fine, even if he relied on it to fix every single part of his code when a quick trip to the reference manuals of the equipments would solve the problem instantly.
At a certain point I realized I maybe had misunderstood his set up design and asked him “wait, which device do you want to connect to your gate? Which terminal even is the gate?”
And I kid you not, the dude asked ChatGPT which terminal in his device was the gate
(he also reeked of weed so there’s that)
Awk, sed, and grep.
You might have a different type of person in mind than other commenters. Most commenters had such people in mind who won’t install a password manager or an ad-blocker, or won’t hard reboot their Windows unless supervised. Having said that, I don’t think that even if you had technical people in mind this fits the question. They tend to take substantial more effort to learn and use effectively than the scope set by the original question. I thought this question was for little things that have a quick, lasting, and substantial effect. Learning awk and sed is a different thing entirely, I think of those more as productivity tools you can invest in mastering, and pay off in the long run.
mind expanding on what these solve?
Awk is a helps you do any kind of processing of semi structured text data.
Sed is a stream editor which lets you edit a file using commands. Which is tedious until you need to replace something in a bunch if files or make very specific edits across a large number of files.
Grep is just find pattern in text file.
You don’t need a fancy computer. There’s endless amazing games and they run on a potato. I was just starting Bayonetta and my machine doesn’t even spin up. But it does when I open Firefox or my note taking program 🤷🏻♀️
Just keep it away from unsafe networks cuz it’ll have vulnerabilities.
People who complain about ads on YouTube. I tell them about ads blockers and they always go “Huh, you sure it works? Sounds good, I might try that” and then proceed to forget about it and complain about ads in a few months time…
Even if you don’t use it as a password manager, bitwarden has an excellent pass phrase generator. The only annoyance is when I run into maximum password lengths at times.
