Thoughts on creating more secure passwords

After recently spending time creating an application to take words or phrases and turning them into password suggestions, I thought I would share.

Long passwords are in general more secure than short ones. However, it all depends on the composition of a long password. It is much easier to remember a long phrase than a short, random password.

It turns out that most computer users have been taught to use passwords that are hard for them to remember. But, those types of passwords are actually easier for programs to figure out. So, why bother with random passwords at all?

Take the following password phrase and change it up a few ways:

This is a test – plain text
Th1s1s@t3st – change i to 1, a to @ and e to 3
testisThisa – shuffle the phrase
#06Thisisatest17* – add #month and year* to the phrase
#06Tiat17* – first letter of each word

What we find, is that the first and fourth passwords are the strongest and are easy to remember.
Using a password strength tool like zxcvbnthe results are below. This tester checks the characters in the password and also looks up words in a large dictionary. In the first example, a computer would have to check up to 1,000,000,000,000 (10^12) different guesses to find the correct phrase.

This is a test = 10^12 guesses, score 4 of 4 (14 characters)
Th1s1s@t3st = 10^9 guesses, score 3 of 4 (11 characters)
testisThisa = 10^8 guesses, score 3 of 4 (11 characters)
#06Thisisatest17* = 10^16, score 4 of 4 (17 characters)
#06Tiat17* = 10^10, score 3 of 4 (10 characters)


You can see a direct relationship between the length of the password and how hard it is to guess.

Microsoft limits passwords from 8 to 16 characters.
Yahoo use to allow really long passwords but now 32 characters is the maximum.

So, the recommendation is to use a phrase you can remember easily, but, not one that others would know about. For Microsoft logins or emails, you will have that 16 character limitation but you can use a long phrase and just pick the first letter of each word, then add text to both ends of the result. If you use something like month and year above then your phrase can be up to 10 words long. Be sure to include upper and lower case words.

For more information on zxcvbn which was created by a programmer at DropBox, click here.

For another password test page, click here.

Popup Info – Displaying popular quotes and other information

  • v1.03 update. Corrected the number of Christian Quotes to 1,750.
  • v1.02 update. Adds menu options to display popups on left or right side or the center of the main monitor window.
  • First Public Release v1.0 is now available.

Over a year ago, I added some popup information to my Ready Bible Study program. It took some time to get the lists together and learn how to present them in a simple, attractive way.

Late last week I decided that I would split off those lists, add some more and create a separate, much smaller program called Popup Info. I added a list of 160 general quotes, 100 motivational quotes, 50 computer programmer quotes and 65 workout quotes which makes a total of 8 different lists. As I run across more, I will add them in the future.

The current version 1.03 is about 900kb and may be downloaded here. Just place it in any folder and run it. PopupInfo

Program Info:

Program Menu options:

Sample popups are easy to display with Demo Mode:

Users can set the number of minutes between popups and also turn off any lists they are not interested in.

Setting any Interval to 0 will turn that list off. Setting the Display Time to 0 will display each popup until you click on it.

You may click on the program tray icon to Pause or Resume display of Popups.

Simple Reminders software

[Version 1.22 (03/31/18) is available for download here, Simple Reminders – The prompts displayed when Pausing/Resuming Reminders and when Pomodoro Timer is running have been changed so as to not use Windows 10 toast notifications which are too noisy. Pomodoro Work time prompts are blue and Break time prompts are yellow. The other prompts are green.]

As usual there is no installer required, just open the zip file and copy the Simple Reminders to any folder or to the desktop and run it. If Windows prompts to run, just click Run anyway.

In 2017 there have been a lot of articles detailing why sitting for long periods of time is very bad for one’s health. Having written a program call Get Exercise last year, I thought perhaps a smaller, more generic Reminder program may get even more use. Get Exercise has had about 2,000 downloads and has a lot of options, lots of pictures / diagrams for stretching and eye exercises, but, it may be overwhelming for some users.

A smaller program that can still reminder computer users to get up, walk, stretch, take out the trash, attend a 10am phone meeting, etc. will hopefully be easier for everyone. For those who want more bells and whistles, the other program will remain available.

The new program is called Simple Reminders and allows users to create up to 9 reminders that are displayed at specific times each day or are shown after user-defined timers go off. Several screen shot will help show how easy this is to setup. Reminders will be displayed as below, either from the bottom left side or right side:

The About Simple Reminder window has general info plus several examples of ways to setup reminders.

There are a couple of extra features borrowed from Get Exercise which has its blog page here.

The initial Reminders are set as follows.

You can uncheck ‘Left-side Notifications’ to display reminders at the Right-side of the window. In order to edit the Labels, Colors and Delays, you need to uncheck ‘Disable Advanced Fields’ as shown below:

Clicking on the program’s icon in the system icon area of the Task bar will display a mini list of the currently set reminders.

Pausing Reminders from the menu will stop notifications from appearing, but, doesn’t stop the timers from running.

For more info on ‘Do Breathing Exercise’ and ‘Pomodoro Timers’ refer to the page on Get Exercise.

If you want more sound when a reminder is displayed then check ‘DOUBLE Sounds.’ Or you can TURN OFF all sounds.

 

PC Monitoring and Remote Administration

So, over the last two years, I have written some scripts or apps that were ultimately used at work. One was a response to the malware family called ransomware which gets onto a computer, encrypts the user’s files and then gives them instructions on how to pay to have them unencrypted.

DocWatch

Our antivirus software, at the time, did not prevent this type of activity and we had a couple of attacks and a lot of files encrypted. Fortunately, we have good backups, so the files were relatively easy to restore.

I found a directory watcher routine that miraculously would notify me of changes to any number of files and folders on both local and network shared folders. It was written in AutoHotkey, which I was unfamiliar with. But, I put on my thinking cap and created my first app in that language and called it DocWatch. It basically lets users add folders to a watch list and only looks at business documents for either rapid changes or certain filenames. Most crypto malware or ransomware programs use specific filenames and are easy to detect after they start their damaging encryption. DocWatch alerts on both activity levels and filenames, both of which are configurable. It will email an administrator and, if running on the infected computer, it can shut it down automatically. Below are a couple of screen shots.

The PDF Manual is here DocWatch Manual.
For those who are interested in this feel free to contact me.

PC Dashboard

Another application we use frequently brings a lot of separate PC utilities under a single program. We regularly work with lots of computers, installing software, troubleshooting issues, inventorying, etc. So, I embedded many small applications into a common interface shown below. Again, if anyone is interested in adapting the program to their network, please contact me. The PDF Manual is here PC Dashboard 2



Click Eye Reminder v1.29

v1.29 – fixed audio volume issue
v1.28 – added AutoStart, For Audio Only it uses two beeps for Right Eye, one beep for Left Eye
v1.27 – fixed accidental lowering of system volume by the program
v1.26 – added Timer Only Audio if you want to use sounds only to signal switching eyes. Chimes Up for Right Eye, Chimes Down for Left Eye.
v1.25 – added different times for Audio feedback when using Timer Only

For people who predominantly use one eye while reading, this program periodically displays a small prompt to switch from Left to Right eye after a user chosen number of mouse clicks. I use my Right eye much more than the Left, so I wrote this hoping to help my vision.

It can be customized by font, size, display time, etc. For multiple monitor users, it can be set to use one eye for each monitor.  In Clicks Only mode, after 5 minutes of no clicks, the prompt to switch eyes will be displayed at twice size, centered with audio. I have only tested multi monitor support with my three monitor setup at work.

Users may also Pause / Resume the program from the menu or by clicking on the tray icon. If they choose Use Audio then every visual prompt is preceded by a beep.

Just open the download and copy the file to any folder and run it. No install is required. The program download is here Click Eye Reminder


   

 

 

Get Exercise 1.7x – Exercise Dashboard and Timers added

Version 1.74 of Get Exercise may be download here GetExercise or from this page http://michaels-tech-notes.info. The latest additions are below.

v1.74 – 01/10/17  Add left click tray menu, shorter, more context sensitive than the right click menu.
v1.73 – 01/06/17  Added ability to click on Tray icon to Start, Stop or Switch Pomodoro timers, Pause/Resume Exercises, exit the program. Made the Stretching timers owned by the current exercise window so it only stays open for one exercise.

   

A lot has happened since the last update to Get Exercise. After noticing that there were a lot of windows and prompts on my computer after I had been away from it for a while, I decided that a central window to hold exercise reminders was needed. I have called it an Exercise Dashboard for lack of any better name. Below is an example of the Dashboard with sample reminders. It displays up to 6 reminders, each one can be for Stretching, Aerobics, Circuit training or Eye exercises.

The parts of this window are: 1) Instructions – Left clicking on a button acknowledges that you have or will do it and displays any associated picture instructions, Right clicking a button skips that exercise, 2) The button area, 3) a motivational quote areas which changes upon receipt of a reminder or by clicking a button and 4) a status bar that shows the totals for each type of exercise.
If you click on the status bar you will see a summary and the option to zero out all the totals.
You may close this window without taking any action, but, every time a new reminder occurs, you will see the window and a new reminder button.

I hope everyone will agree this Dashboard approach provides a much more convenient and less cluttered approach than the previous versions of the program.

The other big additions are Timers for both the stretching exercises and the 1 Minute exercises. It dawned on me that these should have been included a while ago. Now you can start a timer, do your stretching or 1 minute exercises while waiting for a beep. Screen shots of these timers are below.

Clicking the TIMERS button displays:

When you reach 3 counts of stretching the color turns green.

The timer itself looks like this.

The 1 Minute exercise window also has a timer preset for 60 seconds.

 

When you Exit or Restart the program, you are prompted to Save the checked 1-minute items and the Dashboard totals. When you make changes to Setup, these are automatically saved since the program needs to restart after those changes. This makes is a lot easier to experiment with settings as you won’t lose the exercises you have completed for the day.

Right-clicking on the program’s tray icon to reveal its menu. The new additions are Display Exercise Dashboard and Pomorodo Timers.

After you select either the Standard or Longer Pomodoros you will see a taskbar message as below. This means for 25 minutes you are to work diligently on a task. This will be followed by a 5 minute break. You will see these prompts once per minute while Pomodoro is running. You can stop it at any time. Also, notice that the program’s icon will turn Green during Work and Red during Break. I am very visual and threw this in just as another reminder that Pomodoro is running. You can also select the longer 48 minute version with 12 minutes of break. Traditionally, Pomodoro cycles are counted and after 4 of them you can take a 15-30 minute break. I may add that in the next release. You can see how many have counted off by the #number in the minute prompts.

When you exit or restart the program, you are now given the opportunity to save the number of Dashboard exercises that you have completed and also which 1 Minute exercises you have completed for today. At the start of a new day you may need to reset the 1 Minute list and click on the Dashboard status bar to clear its counters. Or simply exit the program without saving these. Also, when you make changes to Setup, these are automatically saved for you so you won’t lose your counts or check list for today.

These are the additions to the Get Exercise program. I am hoping all of my testing is complete. I’ve been quite ready to upload this new version as it is much more complete than the previous release.

Please leave comments on any issues or future features you would like to see in the program. I will be giving it a break for a while until some more ideas come my way.

Get Exercise v1.4x – freeware program to remind computer users to stretch and to exercise

[Dec 26th Update – New features coming soon. See this new post http://s355751075.onlinehome.us/get-exercise-1-7x-exercise-dashboard-and-timers-added/]

Get Exercise is a small application that, once setup, reminds you to do stretching exercises (with pictures), aerobics (walking, jogging, etc.), circuit training (multiple exercises during a less than 10 minute time period) and a series of 1 minute exercises every hour. Everything is configurable by you. Download the ZIP file from here. getexercise

Many, many pictures (about 36) are used with this program, some are below.

       

 

Memory Hogs v1.45 – A PC performance activity monitor and alert system

[Note: v1.45 is online.  Fixed a couple of typos. Fixed window sometimes popping up dead center instead of chosen corner. Added popup menu when left clicking on Tray icon. Download from here MemoryHogs]

While noticing how slow my browsing sessions at home could get, I thought it would be nice to try and monitor the situation and ‘diagnose’ what is going on. I use Firefox routinely, It is a one process browser and can grow to use a lot of RAM. I’m talking 900 megabytes, 1200 megabytes or more. And sometimes when it gets that high, it is a runaway process that needs to be killed. I highly recommend an add-on called “YouTube – Flash HTML5.” With it, you switch between Flash videos and HTML5 videos. Sometimes Flash just goes wild and crashes Firefox.

While searching for clues on writing an application to monitor processes, I came across the basic code for getting a list of process names, RAM usage, Path, etc. I created the basic program around that. I later saw some AutoHotkey code for a CPU Load graphical monitor. And I also read up on Win32_Process more. I filtered the list on only processes that have a window associated with them. Other processes are service or ‘background’ processes, for lack of a better word.

Currently, users can choose how many processes to display, the RAM and the CPU Thresholds, over which the Memory Hogs window will be displayed.

Memory Hogs can alert users of the following:

  1. When any process uses more than a certain amount of RAM.
  2. When any process is ‘Not Responding’ a Tray Tip window will be displayed.
  3. When the CPU Load is over a certain percentage.
  4. When free Disk space is below a certain amount.
  5. When Used RAM is above a certain percentage.
  6. When Used Pagefile is above a certain percentage.
  • Item 1 will be checked if a process is over the threshold.
  • Item 2 will be displayed at the bottom right corner if a process has been Not Responding for at least 9 seconds. This value can be changed in the settings file.
  • Item 3 will flash the CPU Load when threshold is reached.
  • Item 4 will only be displayed when the computer name is added to the settings file using the ShowDiskSpaceForPCsNamed variable matches the current computer. (Since fixed disk space is rarely an issue today this alert is not enabled by default.) [For some systems like Virtual Desktops, the amount of disk space may well be 10gb or less and free space would be important to track.]
  • Item 5 defaults to Used RAM greater than 90% and will flash an alert.
  • Item 6 defaults to Used Page File greater than 90% and will flash an alert.

Double-clicking a process will allow it to be killed. Right double-clicking will display the process folder in windows explorer. It can run in Stealth Mode and log these events for you to check later on.

Some screen shots and more information are below.

Main Window showing 10 Top Processes, 800mb Process alert and 90% CPU Load alert.

Setting Process Threshold to 150mb shows two processes over the limit

General Program Info

Program Icon right-click menu

Mouse over the Program tray icon to see current settings and CPU Load / Top Process at the bottom.

View Settings File

View Logs for Not Responding, CPU load and Free Diskspace

Double-click a process to Exclude it from the Not Responding tray alerts. Excluded processes will be highlighted like you have clicked them in the list. This is just a quick visual indicator.

Later on you can double-click the same process to Include it in alerts again.

The help instructions from the program are below.

v1.29 –
Pressing ALF-F at the Main window will Freeze it so you can make changes to the numbers and double-click any processes to Exclude them from or Include them into the Not Responding alerts. Click Update then press ALT-F when you are finished to “Thaw” the display.

v1.28 –
Added two more Memory alerts to the main window, Used Physical RAM percentage and Used Pagefile percentage.

v1.27 –
Create a shortcut for the program with parameter, either s or S, and it starts in Stealth Mode with no visible output. (i.e. command line is memoryhogs.exe s)

v1.26 –
Changed Refresh button to Update. Now you can change the values then click Update to see the effect without the program restarting. Pressing Escape key hides the window and set AlwaysShow OFF.

v1.25 –
For processes that frequently go Not Responding you can Exclude them from showing alerts by double-clicking them and choosing EXCLUDE. They will be displayed as gray or highlighted color to denote Excluded. If your double-click them again you can choose INCLUDE and they will alert on Not Responding. Processes that go over the RAM Threshold displayed with a checkmark.

v1.24 –
Users can click on the Tray icon to Show or Hide the main window now.

v1.23 –
Added a limiter for Not Responding processes called aProcessSeconds. It defaults to 9 seconds a process has to be hung to display an alert. This is three times through the normal 3 second scan interval. This can be added to MemoryHogs.ini and changed there (i.e. aProcessSeconds=12 would be 12 seconds before an alert). This is to cut down on very brief Not Responding periods for processes which caused a lot of flashing popup messages in the system tray area. This number should be a multiple of 3 since the refresh cycle is 3 seconds between re-displaying the processes.

Memory Hogs v1.22:

A small program that lists processes when one or more of them are using more memory than a desired threshold. If the process is run away or frozen, left double-click it to close it. Right double-clicking will open the folder the process is running from. You can set the number of processes to list, the memory threshold then Refresh the window. The Home, End, Page Up and Page Down keys may be used to move the window quickly to any corner. You may also right-click on the program icon and choose Always Show to have the window remain visible even when no processes are over the threshold. The processes are updated every 3 seconds.

Recent changes:

v1.22 –
Added auto updater code

v1.21 –
Added Stealth Mode to hide the program completely but log all types of activity. Previous Alert statuses are saved when going to and from Stealth Mode. You can type @mhoff to turn off Stealth Mode.

v1.20 –

Added Hotstring commands to augment right-click menu for keyboarders.

@mhs    – Show On/Off
@mhh    – Hide (Show Off) or press ESCape
@mhi    – Show Program Info
@mhr    – Restart/Refresh
@mhca   – CPU Alerts On/Off
@mhda   – DISK Space Alerts On/Off
@mhra   – Used RAM Alerts On/Off
@mhpa   – Used Pagefile Alerts On/Off
@mhnra  – NOT Responding Tray Tip Alerts On/Off
@mhvl   – View Logs
@mhvs   – View Settings
@mhas   – AutoStart On/Off
@mhex   – Exit/Quit Program
@mhon  – Stealth On
@mhoff – Stealth Off

v1.19 –
Use View Log Files to pull up each file into Notepad

v1.18 –
Added Log All Alerts option to the menu. If selected, then CPU, Disk and Not Responding Alerts are logged into three separate files under c:\temp.

MHOG-CPU.csv
MHOG-Diskspace.csv
MHOG-NotResponding.csv

v1.17 –
Program always alerts on Memory Hog processes but now has a menu for CPU, Disk and Not Responding Alerts that can be turned on and off.

v1.16 –
Program has an AutoStart menu option now.

v1.15 –
Some menu item name changes.

v1.14 –
Optionally, if you set a PC name in the MemoryHogs.Ini file, the program will track free disk space and alert when it is too low. Set or add ShowDiskSpaceForPCsNamed to your computer name and you will see the window displayed if your PC has less than the desired diskspace.

v1.13 –
Process Status is now displayed. Background (window less) processes are no longer shown. Active is good, Not Responding is bad if it persists.

v1.12 –
The program starts in Always Show mode to set your initial values.

v1.11 –
An additional alert has been added for CPU. If the CPU is 90 percent loaded then the window will be displayed and the CPU percent will flash. You can set the CPU Load as you like. Some text formatting changes have also been made. CPU Load is shown when the mouse is over the program tray icon.

Still under development! hogversion hogchanges

Process Monitor / Window Logger – AutoIT scripts

WINDOWS LOGGER

In late summer of 2015, I was looking at some programming videos and ran across one showing how simple it is to run a script in the background that grabs keystrokes. This type of application is called a key logger and are usually used for “up to no good” activities. I was interested in whether I could apply this to logging how much time users spend in each application and log that information when they switch from one program to another.

My daughters are older now, but, this type of program could be used to monitor where young people (or old :-)) go on the internet, for example. Still, I thought I would pursue writing a script that I call Windows Logger. The basic theory is that the script grabs the current program name and window (document) title. It starts a timer and when it detects a different active window, it saves a log entry with the last program used and the time spent there. Some hotkeys control various features of the script as it runs unseen in the background. The program can be set to run on startup. If users request it, I can make the function key assignments changeable.

A couple of screen shots are below. The PDF documentation and executable are in here. windows-logger

process-monitor-help

windows-logger-2

 

PROCESS MONITOR

At work, we sometimes have users whose computers are very slow or have applications that frequently are hung or “Not Responding.” I felt it could be good to have a program log those events for the purpose of knowing which application(s) are misbehaving. Process Monitor is very similar to Windows Logger but it only logs entries for processes that are frozen, hung or “Not Responding” for say 20, 30 seconds or more. Many, many programs go unresponsive when computers start up or when programs are loading the first time for the day. By looking only at process that remain hung for a while, one knows that they are not working properly. Some hotkeys control various features of the script as it runs unseen in the background. The program can be set to run on startup. If users request it, I can make the function key assignments changeable.

A couple of screen shots are below. The PDF documentation and executable are in here. process-monitor

process-monitor-help

process-monitor-stats

 

 

process-monitor-csv

Simple Work Timer

While reading an online article I found a program that would total up the time spent in up to 3 applications. I thought it was worth exploring so I added the ability to track as many programs as is needed. I also added two timers, one for Slack time, one for time spent in any program in the saved list. Users can see the total time spent in each program, make the window semi transparent, etc. When you are in a program that is not being tracked, the window will be orange. Once the program has been added to the menu and you are using it, the window will be blue.

A download is found here. worktimer And screenshots are below.

The initial window
work-timer1

Choose App 1 (Not set)
work-timer2

The program is now waiting for you to click inside one of the applications you want to track time.
work-timer3

In this example, I clicked on a program called Greenshot and it is now tracking time for it.
work-timer4

Do this for each program you want to track time on. If you have more than 12 programs then click on Program Items and bump up that number.

work-timer9

work-timer5

After some time, I click on the menu and choose Timer Summary to see work-timer6

16 seconds in Greenshot, 1 second in Windows explorer, almost 5 and a half minutes of Slack or uncategorized time.

You can set how many seconds of inactivity before Idle time is counted, the number of items in to track (always make it more than you have already entered), and an optional transparency value.

work-timer7

When you are done with today’s summary then select Restart Timers to zero every one and begin tracking again.

work-timer8