Story 24-26

xiaoxiao2021-02-28  7

24. Go Paperless and Go Green

When I was in college, we were given a fixed amount of budget every semester for printing. If that wasn't enough, one could purchase some more to increase the quota. I had never reached my limit because my green habit.

Nowadays it is easier to adopt the paperless school, paperless office, paperless home; thanks to powerful PCs, tablets and smartphones. With some tablet-optimised apps, we are one step closer to going tree-free and totally mobile; you can store critical documents in the cloud; get them signed,sealed, and delivered; and get rid of every loose leaf in the carry-on.

A few of my personal favourites:

** Evernote. Supported on iOS, Android, Windows 8 (all free). Take notes, make lists, photograph snapshots, clip Web pages, and organise documents to your account for synchronising across multiple devices. It even reads your handwriting and converts it to plain text. ** SkyDrive / DropBox / Google Drive. (all free). Upload, download, share, and organise your cloud file storage. Recently I found that you can even convert files with them; for example, from PDF to JPG. ** Amazon Kindle. Supported on iOS, Android, Windows 8 (all free). It’s pretty obvious that an easy way to get rid of paper is to get rid of printed book. ** Adobe Reader + Adobe EchoSign. (all free). Adobe’s touch-optimised Reader app let you view, search, and comment on PDF documents. You can even annotate and comment on a PDF–add text, draw freehand or add sticky notes with comments. This app ties in with Adobe’s EchoSign, to let you sign documents using your finger.

25. Passwords in Browsers

It has been a while since we talked about computer securities. Recently I have learned some new tricks of hacking; for geeks, it feels like knowing new girls. Let me introduce to you in the next few weeks.

A lot of web pages offer to remember your credential, by using a notorious cookie. This is known to be a bad practice for many years. Then major web browsers like IE, Chrome, Firefox offer to save your logins and basic information for automatic form-filling. The biggest problem with saving your passwords in your browser is that it's not hard for someone who gains access to your computer to also access all your passwords. (By the way, it is not hard to gain access to your computer because most of us don’t lock computers while being away from keyboard).

In Chrome, for example, one can just go to the browser's settings and click on the show button in the preferences tab to reveal any saved password. Internet Explorer is somehow securer because it doesn't let you view saved passwords, and it also doesn't sync your data across computers. Both IE and Chrome, however, use your computer login password as the cipher for the encrypted data. Because of this, it's easy for your passwords to be revealed with tools such as Nirsoft'sWebBrowserPassView.If third-party utilities like this can recover the data, malware running under your user account might also be able to access the data.

Therefore, the bottom line is: if you don’t want to leak your passwords easily, do not save it in your browser.

26. Managing Passwords

Let us continue our discussion on passwords: How many passwords do you have? I did a little counting myself; and the number is reaching three digits easily. Among those, many are passwords relating to my work. Say for one website I administer, there are passwords for the admin user, the test user, the database connection, the code repository, any third party credentials,etc. It is required not to re-use the same password in different places (which is a good habit for you to pick up too). Now the problem is how I can remember that many passwords.

Approach #1: Save the passwords in a notepad file “MyDocument\invisible.txt” on your computer. -- Yes, this is a joke.

Approach #2: Save the passwords on your smart phone.  – Not a bad idea. But please do not put the min plain text. There are apps on either iOS or Android devices that can help you manage and encrypt the password records with a master password, such asKeeper. Also, remember to set a passcode for your smart phone.

Approach #3: If you wish to access the single source of truth everywhere easily, use online password managers. Have a try forLastPass; you will find a lot of interesting security options offered to you.

Approach #4: If you are not comfortable to store passwords online, there are quite a few local (desktop) password managers with much enhanced features. I personally useKeePass.