Hearted Youtube comments on Ask Leo! (@askleonotenboom) channel.

  1. Thank you Leo. Genuinely, Thank you.
    2
  2. It gets even better when you deliberately misspell words.
    2
  3. The macrium reflect Free doesn't exist anymore and don't get long support either.
    2
  4. I agree that SSDs are excellent value upgrades typically costing under £50 for 250-500Gb. A laptop hdd can be repurposed by using it in a USB enclosure to facilitate cloning and then having it as a backup drive.
    2
  5. Change is good. Change is inevitable. Change gives one the opportunity to excel, learn, and grow.
    2
  6. great video. yes it does look as though microsoft is so keen to get people to pay for a onedrive subscription, or for 365, that they havent thought it through from a user perspective. thier architecture attempts to corral users into doing stuff on the cloud - which some of us dont always want. eg if we want to be fully functional when offline or with a slow connection. microsoft has also made the presentation of files in explorer unnecesarily confusing. all wel ntentioned maybe trying to make it look neat and tidy, but the end result is bad for the user and confidence sapping for those not tech literate. it may even lead to people wondering if they have alzheimers, because hey can't find their stuff. not good. this is a great heads up summary of what the issues are. thank you and well done
    2
  7. That's because you're clearly a casual mail user. Those who really use email for work often need a lot more features than offered by webclients. Also, having access to your mail when you're offline can be necessary. Can't do it without a local mail client.
    2
  8. I'm so angry with OneDrive. When it asked me to backup my desktop files, I'd figured it'd just store everything as a copy, as the word BACKUP would mean such. At no point was it explained to me that it would basically MOVE all my files to a different directory, one that's not even local on my system (OneDrive). This is so invasive. No software should move or delete anything without the explicit permission from the user. Now I have a bunch of broken links because they no longer point to the correct locations. I wish I knew all this beforehand.
    2
  9. Why not using a different language even or more than 2 ,than it would be much more difficult for hacking them. 😀
    1
  10. CONGLATURATION !!! :)
    1
  11. Thank you. You helped me a lot..
    1
  12. I have a ton of pictures... several Tb worth. Unfortunately, as I edit them, their updates often make duplicates of themselves. This is especially true if I manually copy them to my external HDDs. I wish I could afford RAD technology but that would actually double the drives I need.
    1
  13. Adding to the passphrase thing; Adding numbers and non-standard characters to this and the numbers spin out of control.
    1
  14. So you learned your hair DOES turn gray! :)
    1
  15. Multi word passwords aren’t more secure than random characters of the same length. You can only remember them better.
    1
  16. Oh, very good lecture ;) Good work, both from the point of view of demystifying tech, or just giving people something useful that you can understand why is useful.
    1
  17. This is a great market data gathering tool. You have allowed them your name , address, picture, and any other information that you put in that folder. They dont delete this if at all until they are done with it.
    1
  18. I feel, being dyslexic helps with password production, like, if I tell someone a password, often they cant get in because it turns out that the way I thought that word was spelt was actually wrong...
    1
  19. Unless a login explicitly demands words (and real words, without typos), a multi-word passphrase will be interpreted by the technology as any other random string of characters, yes? Brute-force programs aren't going to type "aaaaaaaa" and then go "wait, no, that's not a word, forget it." "Correct Horse Battery Staple" is 28 characters (counting spaces) out of a pool of 53. That's 53^28, which is approximately 1.9x10^48 possible combinations. So yeah, unless I'm missing something (a distinct possibility!) we shouldn't be thinking of the words as individual things, so counting words is still lowballing the security.
    1
  20. EVEN MORE security: add a made up word into the mix ;)
    1
  21. Well 16 character random passwords also support unicode.
    1
  22. I like the way you think. I thought a disc drive would be necessary for the rest of my life.
    1
  23. 25 years ago when my employer enforced password protection that had to have 8 characters, be changed every 6 months & could not be repeated for 23 instances and had to be activated every time the screen saver came on i realised that I wouls be spendind a measurabel amount of time each day entering my password. I therefore developed a password that could be entered with one hand (except for caps) & without moving that hand. The only problem was when changing keyboard languages ! A colleague, when on one occassion was required to enter my password commented that my password was very complicated to which I replied, "not if you are a left-handed piano player. Point of observation is that, not only is it human to have passwords that you can remember but that it should not take too long to enter if you are not "touch typist" proficient.
    1
  24.  @askleonotenboom  When sorting by CPU usage, the display updates too fast. The lines at top get replaced so quickly, I can't see the needed info in them in time. Need to lower the refresh rate to a user-set number of seconds, not once or twice a second. Plus, a pause button may help. But this situation has existed for so long, and my well-worded feedback to the giant software companies on this and other issues falls on deaf ears, I don't know what to do. Oddly enough, the smaller software producers with less funds actually respond and thank me and implement changes lol. More money, less service; less money, more service?
    1
  25. I don't understand the concept. All possible 16 random characters would include all word combinations that equalled a length of 16 characters. So I fail to see how this security argument is anything other than "More characters is greater entropy"
    1
  26. If you still want to skyrocket entropy, spell a word wrong. Leet speak one letter. Anything, as long as it's easy to remember.
    1
  27. I prefer to use correct horse capacitor staples. They leak less than correct horse battery staples, and they don't gunk up my electric correct horse stapler.
    1
  28.  @askleonotenboom  It was Leo Laporte sir. And you are still cool
    1
  29. I have an objection for multi-word passwords. They are long, and it can be painful to type on. For 5 random common words as this video suggests, you need about 25 letters, while the same random lower-case letter only password takes 19 letters. And my experience on that type of password is that they're actually pretty easy to remember. my google password uses random letter(lowercase only)+number for 19 letters, and the password is still stuck on my head.
    1
  30. Leo, you are a retired Microsoft engineer, I am sure you have more than enough money to continue your channel.
    1
  31. If my counting skills didn't fail me, that example password is also basically a 28 random character password, if there's no hint that it's a 4 random word password.
    1
  32. It is not "72 to the third". That is 72^0.3333. What you should have said is '72 to the 3rd power', or '72 to the power 3'.
    1
  33. Did not work.
    1
  34. Glad to hear it's not just me that is confused. It's not much of a backup if you accidently delete some files from your folder and then immediately have them removed from the cloud. I have wondered what would happen if you had to replace your computer and your new computer has no files in it. Does onedrive decide it has to also delete all your files from the cloud to synchronize. I guess not as it had not received a specific delete request so it must copy all the files down to your new computer. I went the Office 365 route when I went over 5Gig and pay a small monthly fee.
    1
  35. When I tried using the "built in" Windows back up program, I found it to be very error prone and mostly non functional. I've been using the Macrium Reflect paid version for 5 years now and I believe it to be worth every penny. It can be extremely complex and somewhat difficult to use at first but reading through the manual (only the sections you need as it has many functions most users will never use) makes things very clear and easier to use. Creating Full, Differential and Incremental backups and combinations of those will give you the security of having just what you might need to restore a full system image or just to recover one file or folder. I've tested images from both my PC and my wife's PC made on removable storage to an older test PC and have never had a glitch or error in doing the restores. I've used it to upgrade drives from MBR to UEFI and to upgrade from SSD's to M.2 drives. They have a user's forum that I've found to be very useful with many "gurus" who are glad to help if you have a problem or need help setting things up. Anyway, I'm not a salesperson for them but I can't say enough good things about the program. I feel very comfortable knowing I have a reliable backup waiting for all those "situations" that Leo talks about all the time.
    1
  36. I Have a personal algorithm that creates a password by altering the name of the site in a way that's easy to remember but hard to guess.
    1
  37. Some websites will also take foreign characters for passwords - on some websites I use Japanese words mixed with English words. So.. if you can also throw in some other writing systems you can make it even more complex.
    1
  38. People are lazy, they will use 4 very common words of maximum 4-5 letters. That would reduce the space a lot. I typically mix words in multiple languages (I know at least 4). That way the words could even be related, or the sentence could be even meaningful, yet hard to brute force.
    1
  39. How can biometrics be more secure than a strong password. Finger prints are public domain. I’m not going to use not public bits of anatomy to log in. They can cut my thumb off to use it, but if they cut my head off it gets a lot harder to get my password.
    1
  40. why would anyone store personal files, or even company files in "the cloud", which is just a usual server under microsofts control. gigabyte hds are not that expensive anymore. if you need to watch your pictures on another device, how much is a 256giga stick nowadays ? people really store their stuff where microsoft wants them to be. my "My Documants", "My Pictures" are empty, so is the download folder, it me alone who decides where to put what.and the first things you need do after a fresh install, disable some 50 things and only then connect to the internet, or does anyone want to send your search-strings (which are meant to be local) to MS ? and then complain about security/privacy... dont tell me to use linux. some people do serious work with their machine, computing is not about writing shellscripts or gaming or getting the latest but useless opensource thing.
    1
  41. Also, you don't have to limit yourself to words from just one language.
    1
  42. If everybody starts using passwords consisting out of four capitalized words, hackers would take a word list containing the 2000 most common English words and try combinations of those with every word capitalized and separated by space or dash or nothing (CamelCase), as 99.9% of all people pick either of these. That's called a dictionary attack (as you are using a word dictionary). They would certainly not brute force that and start with aaaaaaa; actually nobody is doing that anymore for decades anyway (common attacks use lists of known passwords or Markov chains). And testing all combinations of 4 words from a list of 2000 is only 2000^4 combinations which are 16 * 10^12 which isn't a lot. Even if you need to try all of these once with space, once with dash and once CamelCase, this only raises that number by a factor of 3, so it's 48 * 10^12. Compared to that, 14 random characters A-Z, a-z or digits are about 10^25 possibilities, that's a way bigger number (10^15 is thousand times as big as 10^12 already and we have 10^25). Here's what I do: Not remembering passwords at all, that's what password managers are good for. There are only 6 passwords I need to remember, one is for accessing my password manager and for those I remember a sentence and take the first letter of every word. Fictional example: Alpietriyjras - How could I remember that one? "A long password is easy to remember if you just remember a sentence". Also super fast to type: Say the sentence in your head and just always hit the first letter of every word. These passwords are easy to remember bu they withstand brute force, they withstand Markov chains, they are not found and password lists and unlike words, they also withstand dictionary attacks.
    1
  43.  @askleonotenboom  Oh I sent Google some feedbacks to add the skip option back since My Parents don’t trust me with an phone number I’m 16
    1
  44. mis spell the words you use.
    1
  45. Substitute certain letters with symbols, an O could be substituted with 0, an S could be $, etc., if you are non-consequent of doing substitutes, substute letters for alternative letters having same or similar sound like S and Z, and if you alter separation characters, you get an increasingly difficult password to brute force. tRy&brUt3*th1s.phr4z{
    1
  46.  @askleonotenboom  Sometime, a file become invisible, searchable on tab, and if we open it on GIMP or Paint, it says the following "No such file or directory". If we move it to another folder, it will fail. We can run Check Disk by right click on the drive and properties, right?
    1
  47. Of course, 4 random 5+ character works are more secure, that is 20 characters. You also need to be a little creative in using numbers and special characters. Being an Amateur radio operator, I tend to use callsigns for my passwords. There are millions of callsigns, some may not be active or even alive. If the site is one I don't have sensitive info on, then I use 2 callsigns mixed with special characters and mix case. For sites I care about I will use 3 calls.
    1
  48. This sentence is an unbreakable password.
    1
  49.  @askleonotenboom  you are giving them the right to use your contents as they see fit.
    1
  50. In the case of my phone I appreciate that the passkey is telling another site that the phone is me. But it's possible that the phone might not be me if it's stolen or lost. As they used to say at work I think I need to see this "operationalized at a more granular level". 🙄
    1