Hearted Youtube comments on Ask Leo! (@askleonotenboom) channel.

  1. The real benefit is memorization. For a given entropy I can remember far more in word combinations than random letters and numbers. Remembering four random words in sequence is far easier than remembering 10 random characters even though they have similar security.
    146
  2. Redundancy! That's the key. It always has been and always will be. I fully believe that no matter how fancy or reliable we think a storage solution is, having a single instance of data will always be a risk not worth taking. The reason the old saying "Don't put all your eggs in one basket" is an old saying in the first place is because it's completely true, and is as relevant today as it was centuries ago. Great video! šŸ‘
    54
  3. You speak logically, clearly and concisely, thereby reaching millions more people around the world. Congratulations.
    37
  4. You're so good at explaining things, it's like listening to my favorite professor.
    33
  5. In the beginning, everyone just chose a random word as a password. Once that wasn't enough, everyone lost their minds. Turns out we just needed a few more random words
    20
  6. The biggest advantage of pass phrases over passwords is people are less likely to write down a pass phrase. If administrators enforce strong passwords with difficult to remember rules, you will find the average user will write that password down or simply create one password and then do something like increment a number at the end each time the password is reset. You could go into any business and find dozens of passwords end in the value of the current month with an exclamation mark at the end. Creating a pass phrase of 4-5 words will be simpler for a user to remember but provides the security of a long character password.
    16
  7. Well done. You have no idea what a pleasure it is to listen to someone who speaks English without a horrible accent in your case no accent at all, and without a lot of background noise and without repeating a lot of useless information I didnā€™t need to hear. I realize I just got through with a tremendous horrible run-on sentence, but I just wanted to say thank you for your help in such a clear concise way. Thank you
    14
  8. 1. There's game theory involved. If everyone were to use word-based passwords, they would become less secure because brute forcers would be able to go that route. 2. Virtually every kind of account these days has a maximum for the characters in use, "correcthorsebatterystaple" would already be too long for most accounts despite neither (neigh-ther?) of the words being overly long. 3. While capitalization allows for more variety, it also robs the system of the main benefit. As someone who deals with people forgetting their password on a weekly basis, I can tell you that people always mess up capitalization because that's not something we inherently store in our brains. My more general advice is this: People who break into your house where you might have your passwords written down will not be interested in those passwords. Those that are interested in your passwords won't break into your house. So writing it down (on actual paper) is more secure than what people give it credit for.
    13
  9. You're preaching to the choir, Leo! And yes, you can have an Amen. The topics you just discussed have been among my biggest passions for at least a couple decades. I'm a skeptic who advocates skepticism, a critical thinker who advocates critical thinking, a nuanced thinker who's complained numerous times about what I call binary thinking (which is an analogy you should be able to appreciate), and a researcher who does his best to avoid confirmation bias and all the rest. People make fun of me for the amount of time and effort ā€” and yes, money ā€” I invest to get at the truth and whole truth of a topic, whether it's buying a big ticket item, choosing a political candidate, or investigating a news story. And some criticize my default position of skepticism on any new information. Yet some of those same people, skilled though they might be at making quick decisions, are egregious spreaders of manure. I'm all about facts, evidence, and reason, which is one of the reasons I love and admire science. I've been banging the drum for a long time about getting more of this into politics, and into the education of our youth, starting not in college but in elementary school. I'm aware of my own human imperfections, and no doubt sometimes they still slip through, but I've been aware of rampant misinformation on a plethora of topics for a very long time. Thanks for being another voice on these matters. I knew there was something I liked about you when I started reading your articles about personal computing many years ago. šŸ‘
    11
  10. Leo, I can't tell you how much I appreciate the information that you are providing. I thought that I was losing my mind as no matter what I did, my files kept going to the cloud. Thanks to your videos we can understand what is happening. Microsoft has taken an extremely aggressive and unwelcome form of marketing and control with OneDrive. In a way our data is twice as vulnerable because it can be deleted in multiple locations--your PC or on OneDrive. I also feel this is a security issue because they take data from your computer without users fully understanding how this is happening. I would be interested in OneDrive if Microsoft never took the liberty of moving my data outside of a single folder. The ultimate penetration and control of our data was putting the Document folders in the OneDrive Folder. If Microsoft is not a monopoly, its strongarm actions certainly seem like one.
    9
  11. In fact, my brotherā€™s method is even easier: invent a sentence for yourself, which you can make as long as you want, and including numbers, names of people and places, and choose the first letter of each words following the logical spelling of lowercase and uppercase. Include other kinds of characters where you want (!%&). Example: I am going to (t or 2) Paris in four (f or 4) weeks with Fanny and Zoe to (t or 2) visit the Louvre! It becomes Ā«Ā IagtPi4wwFaZtvtL! Ā». You now have a 16 characters password easy to remember and tape, and as long as necessary. Plus you dont have to remember which letters are lower or uppercase, you just follow the logic.
    9
  12. This may be true when you have only a few passwords but when you've got dozens, hundreds even, you still need to use a password manager, and at that point it makes no odds or is even worse if the attacker knows the dictionary from which the words are taken. The weak point is still the human.
    9
  13. Another issue I have seen with OD is the classic Microsoft issue of path length limitation, which is an issue for people who love long filenames and deep nested subdirectories. Also, I believe large files will not always sync up to the cloud. So it's possible that not everything is getting synced (watch for the subtle red "X" in the system tray or in file explorer.
    9
  14. I am 64y/o , did not buy a computer until 2004 so I'm a late bloomer-boomer. I have watched many , many of your videos and have learned a lot. I want to say thank-you and as long as you keep putting them out I will keep watching.
    9
  15. If the workplace is that toxic: 1. Quit! Yes, you need an income, but you don't need that place.
    7
  16. Onedrive backup isn't a backup. It just wants to move all your stuff on to the cloud. It is extremely poor process.
    7
  17. The problem with all passwords, random characters or random words, is that most people have far too many accounts to be able to remember that many unique passwords. Hence the need for password managers and multi-factor authentication. I gave up on random word passwords because I canā€™t remember random word combinations. Some people can, but my brain doesnā€™t work that way.
    6
  18. Ā @askleonotenboomĀ  capitalism
    6
  19. The real value of a multiword password, IMHO, is twofold: 1. it's a lot easier to get to a lengthy password (and if the people designing the password requirements force you to use all the different types of characters, hackers have to check all the various combinations) but 2. YOU REMEMBER IT SO YOU DON'T NEED to WRITE IT DOWN! That's the main thing people do to compromise their passwords and forcing everyone to create complicated passwords only makes it more likely they'll choose to compromise themselves in this way.
    6
  20. I use OneDrive all the time. Great sync tool. Lousy backup tool. I cannot understand how MSFT made such a mess in communicating the power of OneDrive. Excellent video Leo.
    6
  21. Congratulations! Amazing that it's been 20 years, I just found you maybe a month ago. As for AI, I feel your pain. I'm a programmer, and while I'm not directly affected yet, I'm sure it's coming soon.
    6
  22. Well he does say that you probably wouldn't want to leave this enabled so I think it's a fair presentation. Leo I like your videos because you speak clearly and not too fast but you are right to the point without fluff.
    6
  23. Ugh. I have never used OneDrive because I found it to be too confusing. I guess that was the right choice.
    5
  24. Dear Leo, you are the only ONE Youtube and online IT tech advisor who deserves to be claimed as a true experienced veteran Windows tutor and "Godfather", being non biased, solemn and serious on every each session and topic, short but concise and precise, nothing awkward to hide but with a sole aim to help out, and that is it. On top, having being a fan of you for long, I wanna sum up that you are truthful in a way with a real heart of really understand the needs of end users, and most impressively that I need to be grateful to you is that you are really addressing current and most recent issues that end users are facing and being nerve wrecked on. Thank you very much and much love to you always šŸ˜šŸ˜šŸ˜. Cheers...
    5
  25. Happy Anniversary Sir! We have all been the beneficiaries of your vast repertoire of knowledge. THANK YOU!
    5
  26. I love tech and find many of your topics interesting more specifically your take on it. Thank you Leo and cheers to the next 20!
    5
  27. DNA IS THE BEST MEDIA šŸ˜Š
    5
  28. I read your article. It was an interesting read. I enjoyed it. Being a content creator on You Tube must be hard and especially for someone who is a little older than the average "user" today. Finding an audience in that younger crowd when competing for time against all the "kids" with tech channels must be daunting. It's too bad because I think it is just that group that could benefit the most from the information you dispense here. Of course, we older folks (me) benefit too but we're probably in a group that isn't the most tech savvy and probably never see your channel unless it's by chance. It's a tough way to compete but I hope you continue for a long time. As much as I think I know about PC's, you always seem to present things that are new to me or is a great reminder of things I once thought I knew.
    5
  29. Leo, I downloaded this video, and saved a copy to an external mechanical hard drive, a USB flash drive, a DVD, a CD, LTO tape, reel-to-reel tape, and 51 floppy disks. I could not find punch cards. I made 7 sets of everything, to bury a set on each continent. I am considering making additional sets, for each of our oceans. And I might make one more set, and place it on Funk & Wagnalls' porch.
    5
  30. When we got our new Wifi router my roommate asked me if I could change its password into something that wasn't a pain to type every time someone needed to log in for the first time. I chose the first line of a poem that pretty much anyone knows. It's about 50 characters long, has capitals, spaces and a special character and so far (over a year later), anytime someone asks for the password, I just tell them it's the first line of said poem and they immediately enter it correctly first time. Both the easiest and most secure password I've ever had, which is why it pisses me off every time I have to create a password for some site which has so many limitations and requirements for a password that make it impossible to remember if I don't use it regularly.
    4
  31. How about M-DISC, the company estimates that the data stored on those last approx. 1000 years, because it's burned into the MINERAL substrate of the Read-Only discs. Of course that assumes that the disc does not get burned to the ground, or the disc gets thrown in the garbage and then incinerated in a waste-to-energy garbage plant. M-DISC has never lost any data for me, but then I've used it for only 10 years.
    4
  32. The tricky part that's not covered is how to generate this random passphrase. You need a wordlist from somewhere, and if that wordlist exists then it's available for hackers. In my experience wordlists have been quite short too, 2048, 4096 words are common, or 7,776 (diceware) but often much less than the 30K. And sometimes it's unknown: I use bitwarden and it has a passphrase option that defaults to 3 words, from a maybe 4096 word list, it has caps (first letter only option, which just doubles the entropy) a preference for separator and options to put a digit in. Maybe 10^15 at most. So, definitely room for user error if doing this, much more than random chars.
    4
  33. There are other things that can also increase the 4 words password strength : - spelling mistakes (intentional or not) - Slang and local dialect - different languages pidgin creole etc... Yeah most people are not fluent in another language, but I'd say most people know words that are not in the english dictionary.
    4
  34. Even more confusing: the Documents folder is a Known Folder, meaning that users can freely change its location and apps that are written properly will still find it because Windows knows where it is. However, when OneDrive backup is enabled, weird and confusing things can happen if you try to take advantage of this feature by moving the Documents folder out of the OneDrive folder. You have to explicitly get OneDrive to relinquish it before you can use the feature as intended. I'm not sure why Microsoft made OneDrive work this way instead of just relying on the existing Known Folder moving functionality that Windows has supported for years. You can move Known Folders freely in and out of other cloud sync client folders like Google Drive and DropBox, but OneDrive has this confusing procedure you have to follow.
    4
  35. I've been using multi-word passwords for years now. I hate using intercaps but I do mix in things other than common English words. Rarer English words from more obscure parts of my vocabulary. Words from other languages that I know a sprinkling of. Character names from movies, anime, books, etc, that I like. What I call "pronounceable non-words" (EG blipple, bingdinka, bobbotop, and whatever else springs to mind in the moment). Plus a small dusting of numbers just to add some spice to the password. Every password of mine is unique and none are really guessable from knowing any others, nor even from knowing my password making rules. My main threats are, as this guy says, someone getting a hold of my password directly. From phishing, breaking into the password storage, keyloggers, etc.
    4
  36. Thank you. It is mutual, especially in my backup practices and Macrium Reflect.
    4
  37. No, thank you! Happy Anniversary and congratulations. Wishing you good health and continual success, I know someday it will stop like all good things but, for now keep em coming. As long as you can or are able to. Again thank you for all you do.
    4
  38. From Microsoft Terms of Service: Your Content.Ā Many of our Services allow you to create, store or share Your Content or receive material from others. We donā€™t claim ownership of Your Content. Your Content remains yours and you are responsible for it. From Google's:1. Your Content Google Drive allows you to upload, submit, store, send and receive content. As described in the Google Terms of Service, your content remains yours. We do not claim ownership in any of your content, including any text, data, information, and files that you upload, share, or store in your Drive account.
    4
  39. Yes, so many of us appreciate Leo more than he knows.
    4
  40. My history as an old geek : the more reliable storage I had tested : 1-Cassettes, I have cassettes from the early 80s (ZX Spectrum, C64) still working perfectly for nearly 9/10. 2-5.25 floppy disks, 7/10 still working 3-HDD drive, 6/10 and also incompatible formats or hardware protocols/connectors (RLL, MFM, early IDE, early SCSI ...). 3-USB sticks / memory cards 5-6/10 and also about memory cards, the problem of old formats (Memorystick, Smartmedia, CFI/II, ...) 4-3.5 floppy 4/10 5-CD, DVD, ... less than 3/10 The best system is punched tapes, even after 3/4 of a century, almost 100% are still readable but I never used it and who still needs it ? I don't know yet about SSD but till now seem quite reliable. About cloud storage, what if your supplier go bankrupt ? The best option for important data is multiple copies, and ideally at least one on a offline storage. This is of course for long term storage/reliability, for years.
    4
  41. No way of knowing, but it would be interesting to know how many people have been helped by Ask Leo in the past twenty years. It has helped and educated me many, many times. JimE
    3
  42. Thanks
    3
  43. What about a 3d printed... something? Some sort of encoding, whether binary or something else, combined with some method of scanning the data back in, whether using an actual scanner or something akin to a record player? Sure, the cheap plastics used in modern home 3d printers aren't great, but I can imagine such a system that offered long-term storage for relatively small amounts of data.
    3
  44. Thanks!
    3
  45. Metal sheets have proven more reliable than clay over centuries. but rust never sleeps.
    3
  46. Thank you Leo, I can explain this in one answer: Microsoft can't get people to buy 365 or they're deciding NOT TO, so, they're using a dubious tactic to force them to (never happened in this company's history before has it?....) } HOW the hell can One Drive storage count towards your email when they're separate products and totally different tech wise? That's like a taxi driver getting a fare. Then, charging, the customer for someone walking on the pavement. Nonsense greed. David
    3
  47. The thing to be afraid of is you might have to ask your kid for help. That is worse than death.
    3
  48. You're absolutely right šŸ‘
    3
  49. I have an 8TB external USB3.0 drive. I keep my desktop image backups, my iOS/iPadOS backups and Windows File History on it. Has served me well for several years. I'm using Paragon HDD manager for the desktop backups and iMazing for my iOS/iPadOS backups. Two great applications.
    3
  50. This is why I don't use MS tools at all if there is an alternative. Paid sw, open source, Google, Android. Anything is better than MS. Mac if you're rich, Linux if you're a geek...
    3
  51. In terms of entropy, 4 words (30000^4) is equivalent to about 9 random ASCII characters (95^9.055) while being easier to remember.
    3
  52. Many podcasts are also complaining about declining ad revenue. Not sure of a better opion, like a subscription or fee.
    3
  53. I feel that no matter how old you are, all the things you need to do while on a computer, let alone typing emails to friends, is good exercise for your brain and your hand / arm. Also getting to read new things from different website, keeps the old brain cells busy and not atrophied. = ]
    3
  54. One problem is that you have to memorize the 'random' capitalization rule you decided on. Same with the 'spaces'. Also - choosing 'random' words is hard, same with 'random' schemas for capitalization and spacing. Remember too - you have to type it in, the more complex your schema, the harder that will be to do. I think a lot of people take away that a four-word phrase they think of is going to be hard to figure out, and that's just not the case. Picking random words is pretty hard - even the 'correct horse battery staple' has three of the four as nouns, none of the words at all obscure. And - a new phrase/schema for every password? The capitalization schema either needs to be simple, or you are basically making yourself memorize a (on average) 20 bit number. If you make it too simple, it is easy to automate searches for it, same with throwing in what's going on in the 3 inter-word 'spaces'. Really - this is why we have password vaults, which most people don't use anyways.
    3
  55. A problem that can happen for a user who strictly avoids OneDrive is that user may not be watching his directory structures carefully enoough when placing a file in a folder, and the file may be placed into a folder within the OneDrive folder. This happened to me, more than once.
    3
  56. I helped publish a book, the problem was the text was in a format the publisher could not open and it was on 5 1/4 floppy discs lucky I had the software to read it, he gave me a signed copy of his book Treasure Hunting on a Shoestring by Mick Moran.
    3
  57. Outstanding - I subscribed immediately
    3
  58. The idea that the sysadmin can be your partner is HUGE! I'm glad you mentioned that one. I used to sysadmin for several small businesses. What they never realized is that that position allows the sysadmin to know an enormous amount about the business. I'd often offer advice. Some would take it - and be pleasantly surprised - and sadly others would not.
    3
  59. I've been using 32 character passwords for years and without any repeating characters in every password. I figured I may as well giga futureproof my security and I noticed that none of my accounts were ever hacked again.
    3
  60. One of my main beefs with Windows is its obfuscation of folder names. Two different folders have the same paths. Delightful!
    3
  61. I create an insane string of characters and DON'T BOTHER to remember them. Practically everything has a "forgot password" function that lets you log in with a text message or something.
    3
  62. ā€œLong term storageā€ is a fantasy and there is no such thing. Hard drives as recommended fail easily due to machanical failure even they are not used, not electronically connected! Connection type might be easily phased out too. Software no more compatible too. Forget ā€œlong termā€.
    3
  63. There. I ruined it. šŸ¤£
    3
  64. You're like my favorite teacher ever! Always clear, full explanations, always easy to understand. Really enjoy all your videos!
    3
  65. It's interesting the steps hackers have taken to brute force a password guess. One method is a rainbow table, an enormous database of hashed words and their source text, which gets compared to a hashed password. To maximize the HP, they use motherboards that support multiple processors, equip them with the fastest multi-core CPUs. Then, they load up every expansion port with the highest performance video card they can get, and use special software to utilize the cpu's on those cards to help with the task.
    3
  66. While there is often no need to update drivers if you are not having issues with any devices, sometimes driver updates will increase performance. Examples of this are updating video drivers or replacing generic storage drivers, with the proper OEM ones released by the device manufacturer. It's also imprtoant to note, that to the best of my knowedlge there have only ever been two driver update tools which did nothing, although one of these was released under many different names. All the rest do actually search for and install updated drivers. But having said that, driver update tools don't always find the correct driver updates, meaning that sometimes the updated drivers they install are incompitble ones which don't work.
    2
  67. You are showing stone tablets is that Egyptian scripting do people read that. I am afraid because I could understand like shorthand taking dictation I can scream because I dont know I am African American I am facing that I don't know any African American know that.
    2
  68. All passwords /phrases break down to (1 and 0) iā€™ve been told . But iā€™m not all that savvy i have to write them down . I know that in turn negates the basic security . Getting old s-ks no choice in the matteršŸ˜¢
    2
  69. wow .. great info .. ty!
    2
  70. šŸŽ‰šŸŽ‰
    2
  71. Congrats, and thanks, Leo!
    2
  72. Just use a password manager and random passwords for each place. Any other suggestion is unserious in 2023. It also protected against phishing and keyloggers.
    2
  73. Thanks for the explanation. One thing that happened to me was that I bought another laptop for work related stuff. When I activated the OneDrive backup, all the files that I had in my personal laptop began to download in my new laptop and both Document folders were merged. I believe that there's no way to keep both backups separated.
    2
  74. Another thing to consider is if the hardware necessary to read the data will exist. A floppy disk, tape cassette, DVD-RAM, or flash drive will be useless in 100 years if the technology to read them has vanished. Consider how in an analogous way a Blu-Ray disk is unplayable on a computer that lacks the hardware and software to handle DRM.
    2
  75. Ā @askleonotenboomĀ  Hey, I realized my amd fx 6300 cou is going to 80 degrees. That was the cause of the problem... Random black screens when it hits 78 degrees when the pc has nothing to run. Well, it is been 6 years with that CPU, time to change it and I hope and pray that I will be able to change it. Thanks for your time Leo! Have a nice day and life :)
    2
  76. ads are just like taxes. a lot of important stuff rely on them and someone has to pay them, but we shouldn't cripple ourselves by paying more than legally required
    2
  77. The fastest and an easy way is to make a Macrium Reflect backup of the drive or folders, then explore the backup image. Make sure to tick "Enable access to restricted folders"
    2
  78. I buy used and have good experiences because I have lower requirements. Thanks for the video.
    2
  79. MIcrosoft does push using the Windows Backup which "backs up" to OneDrive. You should keep an offline backup. Users new to OneDrive may not understand that it moves your documents, photos, music, and video folders into the OneDrive folder for syncing. That said, OneDrive can be useful if you understand how it works and use it as it intended
    2
  80. You're the reason I don't panic. Your videos are well researched and very well explained.
    2
  81. I like your style Leo! :)
    2
  82. Support your local library today.
    2
  83. I felt there was maybe a bit of a jump between odds for five-letter words and calculations using the total number of words in the OED, since they're not all five-letter words.
    2
  84. Very useful background information, cogently put across, thank you.
    2
  85. Thanks Leo! I have been struggling with one drive backup and could not find anything explaining this till today. This video was immensely helpful. Could I ask for a favour by requesting you to explain how does one drive work if you have two PCs and one Microsoft account synced to both and what is the best way to do this.
    2
  86. a simple example , got lot of music on tape , but i no longer have a tape deck , i can still buy one but don t know for how long , 8track tape and vhs or beta are already no longer avalabe , flopy to is no longer avalable , am 47 and i have alredy see lot of tech disapair ,in my life time , and soon will be the cd or dvd , many new machines no longe have optical drive ,and some of my cd from 2003 are no longer readable ,, idi drive are no longer , how long do you give sata ,,, an other 5-10 years ,,
    2
  87. What this video doesn't seem to address is that the four-word passphrase should contain words with a minimum length of four. Surely "a", "it", "is", "i" are all words and are part of the "30-thousand" word set of most commonly used words in the English language; however, choosing "a it is i" is much weaker than 16 random characters. The point of the video does stand, however, as I'm sure there are more than 30-thousand words of length four or more that are both commonly used and not commonly used. Also throw in a few words from other languages that one may know.
    2
  88. yes helped me alot with yer videos learned a few things here as well
    2
  89. Thanks Leo, you have finally given me the awswer to where 4000 of my photos went after I changed the back up settings in my Samsung Gallery aka (OneDrive). I didn't know there was a difference between backup and mirror and I found out the hard way. You're very kind to at least explain what has happened and I thank you.
    2
  90. Not just an archaic word list. Most people have a personal lexicon of nonsensical words they use regularly. There's also the benefit of being multilingual, thus having even more words to use. By using words that can't appear in a hacker's dictionary, you force them to use a raw bruteforce attack. This is why I don't even have a complexity requirement in the systems I develop, over a certain minimum number of characters. The longer your password, the more rules are lifted. When I did an audit on one of my test systems, I found one user who actually had a password with more than a thousand characters. He types it from memory, says it's nothing but words in PascalCase. He's trilingual and knows slang from two extra languages, so he's definitely safe. That being said, in these systems, we're all nerds, it's not an end user product or an enterprise network or anything, just toys for nerds. Though I would like to see more end user products and enterprise systems adopt this paradigm.
    2
  91. with the 16 random characters, "random" is the critical part. things like replacing an e with a 3 are not as clever as people think, therefore less secure
    2
  92. Since the point of random word "phrases" is that they're easy for humans to remember, adding random capitalization would completely defeat the purpose, as you'd just be left with a very long string of binary digits to remember in addition to the four words. Choosing "your own" capitalization scheme, wouldn't make much difference, as there aren't that many different schemes an average person would choose between. The real advantage comes from the fact that most people don't - and never will - use completely random strings of, say, 16 characters. Rather they use words and numbers, maybe in combination with some capitalization scheme and one or two special characters thrown in, as is always recommended even though it increases the security by very little. So the "string of random characters" is really just a phrase of one or two words, and it doesn't take much to realize that a four word phrase beats a one or two word phrase.
    2
  93. Obnoxious nitpick: At one point, Leo refers to a project that uses AI to interpret cuneiform tablets. Those are made of clay, not stone. But the tablets were often fired, turning them into ceramic pottery. One could argue that pottery (and even glass, which is made from sand, a.k.a. small particles of quartz) is essentially mineral in nature. Synthetic stone. So it amounts to the same thing.
    2
  94. The more pressing problem for me is that MS now has my files....
    2
  95. Thank you for this and all the info you provide here and alsewhere. You're the only one I trust and the only tech newsletter to which I subscribe. What I do more than anything else is photo editing. My son would like a gaming pc and I have no clue how to advise him. Any suggestions for either machine would be greatly appreciated in this Mac-free household. Thank you in advance for any help you may be able to provide.
    2
  96. Thanks!
    2
  97. Build a NAS, back it up to the cloud, then keep a copy on your local machine. Only way you're losing data? If aliens decide to zap all three at once! šŸ˜‚
    2
  98. Blu-ray is your friend.. don't forget to buy two external blue ray drives to survive the obsolescence..
    2
  99. Subscribed! Thanks!
    2
  100. Thank you for your thorough overview. Cheers!
    2
  101. Thank you Leo. Genuinely, Thank you.
    2
  102. It gets even better when you deliberately misspell words.
    2
  103. The macrium reflect Free doesn't exist anymore and don't get long support either.
    2
  104. I agree that SSDs are excellent value upgrades typically costing under Ā£50 for 250-500Gb. A laptop hdd can be repurposed by using it in a USB enclosure to facilitate cloning and then having it as a backup drive.
    2
  105. Change is good. Change is inevitable. Change gives one the opportunity to excel, learn, and grow.
    2
  106. great video. yes it does look as though microsoft is so keen to get people to pay for a onedrive subscription, or for 365, that they havent thought it through from a user perspective. thier architecture attempts to corral users into doing stuff on the cloud - which some of us dont always want. eg if we want to be fully functional when offline or with a slow connection. microsoft has also made the presentation of files in explorer unnecesarily confusing. all wel ntentioned maybe trying to make it look neat and tidy, but the end result is bad for the user and confidence sapping for those not tech literate. it may even lead to people wondering if they have alzheimers, because hey can't find their stuff. not good. this is a great heads up summary of what the issues are. thank you and well done
    2
  107. That's because you're clearly a casual mail user. Those who really use email for work often need a lot more features than offered by webclients. Also, having access to your mail when you're offline can be necessary. Can't do it without a local mail client.
    2
  108. I'm so angry with OneDrive. When it asked me to backup my desktop files, I'd figured it'd just store everything as a copy, as the word BACKUP would mean such. At no point was it explained to me that it would basically MOVE all my files to a different directory, one that's not even local on my system (OneDrive). This is so invasive. No software should move or delete anything without the explicit permission from the user. Now I have a bunch of broken links because they no longer point to the correct locations. I wish I knew all this beforehand.
    2
  109. Why not using a different language even or more than 2 ,than it would be much more difficult for hacking them. šŸ˜€
    1
  110. CONGLATURATION !!! :)
    1
  111. Thank you. You helped me a lot..
    1
  112. I have a ton of pictures... several Tb worth. Unfortunately, as I edit them, their updates often make duplicates of themselves. This is especially true if I manually copy them to my external HDDs. I wish I could afford RAD technology but that would actually double the drives I need.
    1
  113. Adding to the passphrase thing; Adding numbers and non-standard characters to this and the numbers spin out of control.
    1
  114. So you learned your hair DOES turn gray! :)
    1
  115. Multi word passwords arenā€™t more secure than random characters of the same length. You can only remember them better.
    1
  116. Oh, very good lecture ;) Good work, both from the point of view of demystifying tech, or just giving people something useful that you can understand why is useful.
    1
  117. This is a great market data gathering tool. You have allowed them your name , address, picture, and any other information that you put in that folder. They dont delete this if at all until they are done with it.
    1
  118. I feel, being dyslexic helps with password production, like, if I tell someone a password, often they cant get in because it turns out that the way I thought that word was spelt was actually wrong...
    1
  119. Unless a login explicitly demands words (and real words, without typos), a multi-word passphrase will be interpreted by the technology as any other random string of characters, yes? Brute-force programs aren't going to type "aaaaaaaa" and then go "wait, no, that's not a word, forget it." "Correct Horse Battery Staple" is 28 characters (counting spaces) out of a pool of 53. That's 53^28, which is approximately 1.9x10^48 possible combinations. So yeah, unless I'm missing something (a distinct possibility!) we shouldn't be thinking of the words as individual things, so counting words is still lowballing the security.
    1
  120. EVEN MORE security: add a made up word into the mix ;)
    1
  121. Well 16 character random passwords also support unicode.
    1
  122. I like the way you think. I thought a disc drive would be necessary for the rest of my life.
    1
  123. 25 years ago when my employer enforced password protection that had to have 8 characters, be changed every 6 months & could not be repeated for 23 instances and had to be activated every time the screen saver came on i realised that I wouls be spendind a measurabel amount of time each day entering my password. I therefore developed a password that could be entered with one hand (except for caps) & without moving that hand. The only problem was when changing keyboard languages ! A colleague, when on one occassion was required to enter my password commented that my password was very complicated to which I replied, "not if you are a left-handed piano player. Point of observation is that, not only is it human to have passwords that you can remember but that it should not take too long to enter if you are not "touch typist" proficient.
    1
  124. Ā @askleonotenboomĀ  When sorting by CPU usage, the display updates too fast. The lines at top get replaced so quickly, I can't see the needed info in them in time. Need to lower the refresh rate to a user-set number of seconds, not once or twice a second. Plus, a pause button may help. But this situation has existed for so long, and my well-worded feedback to the giant software companies on this and other issues falls on deaf ears, I don't know what to do. Oddly enough, the smaller software producers with less funds actually respond and thank me and implement changes lol. More money, less service; less money, more service?
    1
  125. I don't understand the concept. All possible 16 random characters would include all word combinations that equalled a length of 16 characters. So I fail to see how this security argument is anything other than "More characters is greater entropy"
    1
  126. If you still want to skyrocket entropy, spell a word wrong. Leet speak one letter. Anything, as long as it's easy to remember.
    1
  127. I prefer to use correct horse capacitor staples. They leak less than correct horse battery staples, and they don't gunk up my electric correct horse stapler.
    1
  128. Ā @askleonotenboomĀ  It was Leo Laporte sir. And you are still cool
    1
  129. I have an objection for multi-word passwords. They are long, and it can be painful to type on. For 5 random common words as this video suggests, you need about 25 letters, while the same random lower-case letter only password takes 19 letters. And my experience on that type of password is that they're actually pretty easy to remember. my google password uses random letter(lowercase only)+number for 19 letters, and the password is still stuck on my head.
    1
  130. Leo, you are a retired Microsoft engineer, I am sure you have more than enough money to continue your channel.
    1
  131. If my counting skills didn't fail me, that example password is also basically a 28 random character password, if there's no hint that it's a 4 random word password.
    1
  132. It is not "72 to the third". That is 72^0.3333. What you should have said is '72 to the 3rd power', or '72 to the power 3'.
    1
  133. Did not work.
    1
  134. Glad to hear it's not just me that is confused. It's not much of a backup if you accidently delete some files from your folder and then immediately have them removed from the cloud. I have wondered what would happen if you had to replace your computer and your new computer has no files in it. Does onedrive decide it has to also delete all your files from the cloud to synchronize. I guess not as it had not received a specific delete request so it must copy all the files down to your new computer. I went the Office 365 route when I went over 5Gig and pay a small monthly fee.
    1
  135. When I tried using the "built in" Windows back up program, I found it to be very error prone and mostly non functional. I've been using the Macrium Reflect paid version for 5 years now and I believe it to be worth every penny. It can be extremely complex and somewhat difficult to use at first but reading through the manual (only the sections you need as it has many functions most users will never use) makes things very clear and easier to use. Creating Full, Differential and Incremental backups and combinations of those will give you the security of having just what you might need to restore a full system image or just to recover one file or folder. I've tested images from both my PC and my wife's PC made on removable storage to an older test PC and have never had a glitch or error in doing the restores. I've used it to upgrade drives from MBR to UEFI and to upgrade from SSD's to M.2 drives. They have a user's forum that I've found to be very useful with many "gurus" who are glad to help if you have a problem or need help setting things up. Anyway, I'm not a salesperson for them but I can't say enough good things about the program. I feel very comfortable knowing I have a reliable backup waiting for all those "situations" that Leo talks about all the time.
    1
  136. I Have a personal algorithm that creates a password by altering the name of the site in a way that's easy to remember but hard to guess.
    1
  137. Some websites will also take foreign characters for passwords - on some websites I use Japanese words mixed with English words. So.. if you can also throw in some other writing systems you can make it even more complex.
    1
  138. People are lazy, they will use 4 very common words of maximum 4-5 letters. That would reduce the space a lot. I typically mix words in multiple languages (I know at least 4). That way the words could even be related, or the sentence could be even meaningful, yet hard to brute force.
    1
  139. How can biometrics be more secure than a strong password. Finger prints are public domain. Iā€™m not going to use not public bits of anatomy to log in. They can cut my thumb off to use it, but if they cut my head off it gets a lot harder to get my password.
    1
  140. why would anyone store personal files, or even company files in "the cloud", which is just a usual server under microsofts control. gigabyte hds are not that expensive anymore. if you need to watch your pictures on another device, how much is a 256giga stick nowadays ? people really store their stuff where microsoft wants them to be. my "My Documants", "My Pictures" are empty, so is the download folder, it me alone who decides where to put what.and the first things you need do after a fresh install, disable some 50 things and only then connect to the internet, or does anyone want to send your search-strings (which are meant to be local) to MS ? and then complain about security/privacy... dont tell me to use linux. some people do serious work with their machine, computing is not about writing shellscripts or gaming or getting the latest but useless opensource thing.
    1
  141. Also, you don't have to limit yourself to words from just one language.
    1
  142. If everybody starts using passwords consisting out of four capitalized words, hackers would take a word list containing the 2000 most common English words and try combinations of those with every word capitalized and separated by space or dash or nothing (CamelCase), as 99.9% of all people pick either of these. That's called a dictionary attack (as you are using a word dictionary). They would certainly not brute force that and start with aaaaaaa; actually nobody is doing that anymore for decades anyway (common attacks use lists of known passwords or Markov chains). And testing all combinations of 4 words from a list of 2000 is only 2000^4 combinations which are 16 * 10^12 which isn't a lot. Even if you need to try all of these once with space, once with dash and once CamelCase, this only raises that number by a factor of 3, so it's 48 * 10^12. Compared to that, 14 random characters A-Z, a-z or digits are about 10^25 possibilities, that's a way bigger number (10^15 is thousand times as big as 10^12 already and we have 10^25). Here's what I do: Not remembering passwords at all, that's what password managers are good for. There are only 6 passwords I need to remember, one is for accessing my password manager and for those I remember a sentence and take the first letter of every word. Fictional example: Alpietriyjras - How could I remember that one? "A long password is easy to remember if you just remember a sentence". Also super fast to type: Say the sentence in your head and just always hit the first letter of every word. These passwords are easy to remember bu they withstand brute force, they withstand Markov chains, they are not found and password lists and unlike words, they also withstand dictionary attacks.
    1
  143. Ā @askleonotenboomĀ  Oh I sent Google some feedbacks to add the skip option back since My Parents donā€™t trust me with an phone number Iā€™m 16
    1
  144. mis spell the words you use.
    1
  145. Substitute certain letters with symbols, an O could be substituted with 0, an S could be $, etc., if you are non-consequent of doing substitutes, substute letters for alternative letters having same or similar sound like S and Z, and if you alter separation characters, you get an increasingly difficult password to brute force. tRy&brUt3*th1s.phr4z{
    1
  146. Ā @askleonotenboomĀ  Sometime, a file become invisible, searchable on tab, and if we open it on GIMP or Paint, it says the following "No such file or directory". If we move it to another folder, it will fail. We can run Check Disk by right click on the drive and properties, right?
    1
  147. Of course, 4 random 5+ character works are more secure, that is 20 characters. You also need to be a little creative in using numbers and special characters. Being an Amateur radio operator, I tend to use callsigns for my passwords. There are millions of callsigns, some may not be active or even alive. If the site is one I don't have sensitive info on, then I use 2 callsigns mixed with special characters and mix case. For sites I care about I will use 3 calls.
    1
  148. This sentence is an unbreakable password.
    1
  149. Ā @askleonotenboomĀ  you are giving them the right to use your contents as they see fit.
    1
  150. In the case of my phone I appreciate that the passkey is telling another site that the phone is me. But it's possible that the phone might not be me if it's stolen or lost. As they used to say at work I think I need to see this "operationalized at a more granular level". šŸ™„
    1
  151. Ā @askleonotenboomĀ  when you create a password with them...does the password look like scrambled eggs of characters...and...each time i log into something....does that set of characters changed...so...i log into bank x pwd 1 = $%$@%/...then I log bank x again and pwd 1 = )((***...?
    1
  152. TL;DR: OneDrive by itself is fine. Just don't enable Backup. And I agree - I discovered this behavior myself - OneDrive Backup is confusing and even dangerous.
    1
  153. On the one hand, yes, nothing lasts forever. On the other hand, as long as there exists the knowledge to retrieve the data, then it is TECHNICALLY retrievable. (I still have multiple working floppy drives, both 3-1/4 inch and 5-1/2 inch. No 8 inch, though.) As for SATA, it's been out well over 20 years. It's not going away any time soon, but it won't last forever. (But then, you can still find IDE drives for sale, so...)
    1
  154. Hi Leo, congratulations! Twenty years is quite something. Where I always fist associate your channel with is our chat a few years ago about my nationality and where I live in relation with your last name. I did not need your lessons, however I love looking at your video's and have a font memory of that small converstion in your reactions about The Netherlands where your great-great-great-grandparrants came from. You made quite an efford with Ask Leo and I think you loved any minute of it. But I have to admit, I still have to watch this video. I only saw the first 28 seconds and decided first to congratulate you. Now I am going to watch the rest. Congratulations Leo! And enjoy!
    1
  155. You do well, I don't think I've learned much from you, but I can use your videos to teach others. I remember the dark days of IE5 and IE55 like it's some kind of PTSD. Honestly, Netscape wasn't awesome either. Old Opera was pretty darn good. Firefox is where I settled and still am. I remember the time when it was still called Phoenix. I've always been a standards guy, didn't like Flash, Java applets, ActiveX, etc. either. HTM5, VP9, AV1, etc. is where it's at. HTML5 really killed those plugins out the door. Some things I run as PWA (Progressive Web App) now, I have a Firefox Phone for a while, that's how much I supported standards, original iPhone was supposed to be that way too. But maybe some things should be native in that time, so they went with that and then they eventually they figured out could make lots of money with the app store model. And mobile Safari became the IE5 of mobile.
    1
  156. This behavior is litterally ridiculous, if you turn on backup then all the shortcuts are updated, so you can work in the OneDrive folder to keep everything backed up. But that is essentially no different from just working always in the OneDrive folder anyhow, and achieve the same without having this package messing with all your local folders. I wouldn't ever recommend anyone ever used the backup.
    1
  157. Brut force methods only work on stolen hash tables. There are very few situations where stolen hash tables are not noticed, and the people involved are advised to change their passwords. Using a brut force attempt on a raw password program is nonsense since most now have a 3 tries and you are locked out for an hour, or whatever. Many banks lock your account until you reset your password. So all this using huge password crap is nonsense!
    1
  158. started using passphrases as a teen s I could remember my login without younger sibling stealing it fro a sticky note
    1
  159. The random letter password algorithm you're using to figure out how many possible combinations there are includes passwords like "aaaaaaaaaaaaaaaa" (16 of the same letter). To eliminate these and arrive at a more real world count you need to approach the problem with statistics. Your thought is exactly right, just includes the repetitive letter password which, I hope, no one would use. A multilingual pun makes an interesting pass phrase. "No tiene any" for instance.
    1
  160. Well the problem with Hddā€™s is that they contain metal read write heads on a spinning magnetic platter these heads under extreme cold and heat will break and you can and will lose ALL of your data so if you want to store long term data make sure this equipment is climate controlled.
    1
  161. 72*72 is like 5000
    1
  162. "Person. Woman. Man. Camera. TV." - Your video (which is awesome and informative, btw), makes me wonder about that time the former cheeto-in-chief went on a rant about his mental abilities by repeating those 5 random words.. What are the odds he was actually revealing to the entire world the secret words someone had set as his password? For any other human on the planet, the notion of them being so dumb as to say out loud the very thing they were told never to say out loud seems preposterous, no one is that stupid! Right? But for a nitwit with a reputation for doing exactly that, the idea seems far more plausible. Let's face it, Drump can't keep a secret to save his own arse. I'd bet money "Person-Woman-Man-Camera-TV" was supposed to be a secret passphrase he was supposed to keep under wraps. Whether it was the password to his Twitter account, or the nuclear launch verification phrase, is anyone's guess. I also question whether or not anyone would have felt it necessary to change the phrase after he broadcast it to the world, either because they doubt anyone would believe someone so stupid as to reveal their password in such a manner, or because they felt it pointless to give Loose-Lips-Donny a new secret phrase knowing it would only be a matter of days before he compromised that one as well.
    1
  163. 2:50 no itā€™s not! Surely you know about sextillions, quintillions and quadrillions!
    1
  164. Now enter the possibility of using words from other languages
    1
  165. Yes. Missed the point of the comic completely.
    1
  166. While I agree with the underlying message of the video that remembering pass phrases is better than trying to remember passwords, there are a couple of very misleading things that are said in this video; 1) There are a lot more than 72 unique characters on a keyboard to make passwords out of. There is actually 95 printable ascii characters so if you have a standard American English layout keyboard like my one then you can make passwords with 95 unique characters. 2) I disagree with using words from an "Archaic word list" because of the lack or randomness from reusing words from a word list UNLESS the words are chosen at random and the pool of words is a very big pool but in that case you have just reinvented the Diceware scheme. I recommend people use the Diceware scheme and Diceware word list to save yourself the trouble of having to create a giant word list.
    1
  167. You really want to make your 4 word passphrase strong against an English dictionary brute force? Add a typo... But do it on a word you don't use, otherwise you are going to be typoing that word every time you use it. Adding every possible typo to your dictionary is going to balloon the complexity probably even faster than adding capitalization (most people will just capitalize the first letter of each word which doesn't in practice as any entropy). There are a lot of ways to typo a word, swapping positions, adding a letter, subtracting a letter, swapping a letter, spelling the word phonetically... and it doesn't require you to complicate the typing of your passphrase.
    1
  168. Tell me does shorthand have anything to do with hieroglyphics I need to know because i was cut off from reality
    1
  169. So if i use a password like "I aM On to You" or "ps AX|grep keyl*" i also get to scare the shit our of script kiddies šŸ˜€
    1
  170. thanks a lot for clarifying this issue. i bought a refurbished pc with windows 11 and itā€™s been driving me nuts with the automatic backup to onedrive. and yes its all to get you to buy more dara on their cloud. will turn off backup today and manage my files offline thanks very much Microsoft stay away.
    1
  171. They identified your Friends from your public Friends List. Make it hard on the next scammer: change the visibility of your Friends List from public to friends-only or friends-of-friends.
    1
  172. Beware of key loggers stealing your passwords. Edit: Nevermind, he said it.
    1
  173. Thanks for explaining this. I agree that its confusing but don't believe that invasive makes a difference here. I never used the OneDrive backup for Documents before. But now that I know that it moves existing documents to OneDrive documents, I will start using this. I used to assume that it creates a new documents folder for every PC. I think Google Drive does it a little differently where it shows a different document folder for every PC backed up. And I thought OneDrive was the same.
    1
  174. i just tried a Win 10 system image backup and the resulting folder turned up empty! it spent 15 minutes backing it up tho, so it's pretty funny and weird
    1
  175. OneDrive may serve as off-site backup storage for extreme emergencies, but I still keep backup originals on a separate PC drive and copies on an external drive.
    1
  176. I have found the nation that still hasn't changed to the metric system is the biggest complainers, and the most change averse. As Leo said, you might even have fun changing
    1
  177. Ā @askleonotenboomĀ  I don't understand the comment either. I like how you clearly explain the subject matter and never talk down to us like most of the IT folks at the office do.
    1
  178. This is cool Iā€™m gonna start using correct horse battery staple for all my passwords now
    1
  179. I use random words with some characters replaced with numbers. See if you can guess it.
    1
  180. This appears to have become the most popular answer for pretty much everything: as (long) as possible. :-)
    1
  181. Four words more than four letters is longer than 16 characters
    1
  182. had bsd random on my x99 with i7 , one of my memory stick had different timing ,, bst got reduce , change the cpu for xeon , xpm was disable and bst have stop ,
    1
  183. You can't add upper case to words to the example without adding it to the other initial non-word option too or it becomes a bad comparison. You should already use both lower and upper case characters even if you don't use words. Many places limit passwords by a number of characters so words are not a good option there (I think PayPall is one of them). (Edit) Beyond that, for the sake of argument. You need to consider probability when talking about how long it takes to brute force a password since odds are very low you will guess it on the last possible try. Sometimes a machine gets lucky and guess the password pretty fast. Have enough machines running working on different passwords and odds fall in your favor to crack one of them much sooner than expected.
    1
  184. I have always thought of my digital presence and my presence in this world as a whole as a transient thing, that I should strive to leave as little behind as possible but as I grow older I start thinking of the old adage about "planting trees under whose shade you will never sit". This has given me something to think about.
    1
  185. Another hack: use another language or mix languages. "My gato es muy beautiful."
    1
  186. Iā€™m using correct horse battery staple for all my passwords now.
    1
  187. I don't think "The jury's not in" is the expression. I think its "The jury's still out". Then again, you aren't wrong.
    1
  188. I discovered you I think around 2005 or 6.
    1
  189. Your videos are timely and contain so much useful information. Thank you.
    1
  190. Too bad soooo many code kiddie developers are using some old library for the login function that limits passwords to 20 characters. Every time I try to set a new password and am told ā€œpassword too long,ā€ I despair for all things sane. Sure, letā€™s force users to create less secure passwords.
    1
  191. Please, made this review again for today media.
    1
  192. ...And if you pick four werds that are spelled fonetikly, then dictionary attax will ortomatikly be unsuksesful.
    1
  193. Yes, MS are the B team. If you are a consumer (not worker), and use Windows, and MS products, why?? You have consumer choice! Use it!
    1
  194. using 4 four character words is the same as using 16 characters to the computer, just easier for humans to remember
    1
  195. Thank you
    1
  196. Thanks. I knew everything except the CTL 0, I had been using CTL - to get back.
    1
  197. I disagree that passphrases are harder to hack than characters. For a 20 character password, each position is occupied by a character. The fact these characters may or may not be coherent in English doesn't come into it. I think of it like a old safe with 3 disks - each disk holds a position, you don't care what that position is, you only care about the feedback from the disk of when it is in position. Horse and Horxe are no different to brute force. It's just needing enough time to cycle each character into position to be correct. This extends to the idea of "correcthorsebatterystaple" vs it's spaced and capitalized counterpart = well, this is a pattern of behaviour to be adopted by the 20 random string approach. "Correct Horse Battery Staple" vs "AoExe Llom!". If the point of this is memorization, then I agree, but this doesn't address the idea of pass word managers. That includes it's own risks, though.
    1
  198. The pw of eight characters and special marks etc 34rt?3Q9 can be bruteforced... mine: thequickbrownfoxjumpedoverthelazydig (a modification of the typing technique with all letters used, but so slightly changed.. would not be solved before the univers winks out of existance
    1
  199. only that they aren't, as you get about two characters worth of entropy from a random word or you need to put up with really uncommon words
    1
  200. Hello Leo today I ran into a problem with my computer and found the answer on your website and I would love to say thank you so much!! You are so precious to this world, hope you have a good day<3!!!!
    1
  201. Punch cards, maybe mylar tape.
    1