WordSequence For KeePass 2 = XKCD Passwords

If you’re not familiar at all with the title, click here to check out the fabulous comic in question.

“Lolz” right? Well I completely agree with it – and I’m finding that my passwords are getting longer and longer and you really have no hope of remembering them. Take a look at this monster: !J$?e04uGh=eDP (89 Bits). You have no choice but to store this in a program like KeePass, never actually look at it, and hope that your password database stays backed up. 🙁

Password enforcement has gotten better, and worse at exactly the same rate. Here’s an example excerpt from Cal Poly’s password document. (This was discovered when my sister in-law tried 15 times to make a password that she could actually remember for her access):

Passwords must contain at least one character from three of the following lists:
1. Uppercase Alphabetic (A-Z)
2. Numbers (0-9)
3. Lower case Alphabetic (a-z)
4. These Special Characters are allowed: ! $ % & , ( ) * + - . / ; : < = > ? [ \ ] ^ _ { | } ~
These special characters are not permitted: # " @ and the space character

Passwords must not contain any of the following:
1. Your previous passwords used within the last two (2) years
2. Passwords less than 16 characters must not contain any of the following:
   a. Any words of three or more characters, including non-English words
   b. Any groups of three or more characters of the same character type
   c. Any names, person, places, or things found in a common dictionary
   d. Any of your names (first, middle, last), any current Cal Poly username
   e. Repetitive characters (sequences)

The second part ensures that no password can be easily memorized. This string has to be written down. Once it’s written down, the whole reason for having passwords fails everyone, and after staring at the logic for 5 minutes I came up with something like this: 50Fu40Yo (42 Bits)

If you network admins are listening, you need to get over trying to corner users into crazy strings of letters and numbers. Dictionary words are easy to guess, but strings of dictionary words with random characters in there are just as good, if not infinitely better for users to actually remember. Let’s look at this example: Wool+BladeFriction5 (105 Bits). A brute force attack is just going to go through every possible character in every possible position, and there’s 19 of them. Now for our ‘easy to remember’ Cal Poly password, the length is only 8 because I would never actually want to make it more than the minimum. Do you want a short useless password that gets written down? Or a long somewhat complex one that is memorized?

The challenge is to make a complex password that is easy to remember. The password should also satisfy usual requirements for length, capitalization, and numbers or uncommon characters. Here’s what I use:
KeePass 2 & WordSequence

Search the web and drop a couple thousand words (I used nouns and prepositions) into the window. I came up with some common substitutions (like @ for a, etc. – ‘b@ke m0re p1e’) and created complex, easier-to-remember passwords like: Cheese4TigerDinner! (88 Bits). Most normal websites would accept this as an excellent password for the length and the special characters, and most humans could remember the phrase: Cheese for tiger dinner!
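The word-sequence idea above, as an added Python example (not WordSequence's or KeePass's own code): it builds passwords of the Cheese4TigerDinner! shape and compares a per-character estimate with the entropy of the generation scheme itself. The word list, symbol set and function names are assumptions made for this example, and the bit counts it returns are not KeePass's quality estimate.

```python
import math
import secrets
import string

# Constructed sample list; the post suggests a couple thousand nouns and prepositions.
WORDS = ["cheese", "tiger", "dinner", "wool", "blade", "friction", "river", "lantern",
         "for", "under", "over", "with", "marble", "candle", "harbor", "pepper"]
SYMBOLS = "!$%&*+-=?"  # assumed set, all taken from the policy's allowed characters

_rng = secrets.SystemRandom()  # OS CSPRNG, never the `random` module for passwords

def generate(words=WORDS, n_words=3):
    """Capitalised words, one digit between two of them, one trailing symbol."""
    if n_words < 2:
        raise ValueError("need at least two words to place a digit between them")
    parts = [_rng.choice(words).capitalize() for _ in range(n_words)]
    parts.insert(_rng.randrange(1, n_words), _rng.choice(string.digits))
    return "".join(parts) + _rng.choice(SYMBOLS)

def scheme_bits(list_size, n_words=3, n_symbols=len(SYMBOLS)):
    """Entropy of the generation scheme: the search space for an attacker
    who knows the word list and the pattern but not the random choices."""
    choices = list_size ** n_words * 10 * (n_words - 1) * n_symbols
    return math.log2(choices)

def per_char_bits(password, alphabet=94):
    """Naive estimate that treats every position as a random printable character."""
    return len(password) * math.log2(alphabet)

def words_needed(target_bits, list_size):
    """Smallest word count whose word choices alone reach target_bits."""
    return math.ceil(target_bits / math.log2(list_size))

if __name__ == "__main__":
    pw = generate()
    print(pw, f"per-char {per_char_bits(pw):.0f} bits")
    print(f"scheme with 2048 words: {scheme_bits(2048):.1f} bits")
    print("words for 80 bits:", words_needed(80, 2048))
```

The gap between the two numbers is the point: strength comes from how many random choices went into the phrase, so a bigger word list or an extra word adds more than another substitution does.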

How to find and organize gmail lost archived items.

Since we started the 21st century, I use the week between Christmas and New Year’s Day to clean house digitally. A synchronization of clocks, time servers, updates, firmware, and yearly maintenance with all things containing zeros and ones. The deleting of old emails, spam, and the archival of a picture folder entitled “2011.”

This year I stumbled on an interesting thing that gmail doesn’t do. It won’t show you mail that doesn’t have a label. Any mail that you “archived” to get off your in-box, without any categorization, dropped into this pit mixed with thousands of other labeled emails. Looking for these orphaned emails would involve looking through hundreds of pages of “All Mail.” I archived them for a reason (to go through them one day) otherwise I would have deleted them. Little did I know that finding these orphans would prove to be a challenge.

“Why do I need to see those old archived emails? If I ever need anything I’ll search for it and find it.” – you might say.
The answer is the same as why you need a photo album and still like pawing through SkyMall. We are nostalgic creatures and sometimes (at least once a year) like to reflect on the past. Plus, a full catalog of information can result in more discovery. I’ll give two examples: 1. After rescuing my archived items I found a webcam picture of my dad with a cast on his arm. I barely remembered he broke it and seeing this picture gave me the memories back. 2. Listing out every sub-domain for UCI one day resulted in passport.uci.edu – weird way to find out that the University had its own passport office 1/4 mile from your house and you didn’t need to trek all over Orange County for mini-pictures and wait in a Post Office queue. I never thought either of these things existed and certainly wouldn’t have searched for them.

Gmail ninjas know about the Gmail advanced search options, but even here it specifically states: “There isn’t a search operator for unlabeled messages.” Further searches looking for a fix resulted in a cobbled-together list of all your labels with a minus sign in front to indicate “anything not labeled this or that or etc.” Example:

-(label:Subscriptions OR label:Ebay OR label:Rally OR label:Receipts)

For some of you that never adopted labels, or only use 3 of them, this is great and might just work! For the rest of us, I noticed that after typing 6 or so of them into the search box and trying labels that had “Two Words” or “funky-ch@ract3rs/”, search started to break. I think that nested labels make this worse, but I stopped the experiment as I currently use 20+ labels.

In order to find your (labeled items archived in-box stuff orphaned never) you’re going to have to make the LIAISON pledge:

I {insert name here} promise to never blindly press the gmail archive button. I promise to make sure that 1 or 2 labels have been attached by filter or by my own key-press AND furthermore I promise to guard the secrets and ways of the Gmail ninja, never using my powers for evil.

Alright ninjas…
Add the ZZZ label

  • Start by making a new label. Something that you can search for in the future like “ZZZ”.
  • You will repeat the next steps many times as you go through all your labeled email.
  • START: View all of the mail in one label and click on the check-box in the upper left to select all mail.
  • At the top of the mail items a message will appear:
  • All 100 conversations on this page are selected. Select all ### conversations in “{your label}”
  • Click the link and now all the mail in that label is selected (be careful here)
  • Choose to add the ZZZ label to your messages:

  • Google will respond with a message. Feel free to click OK.
  • Find the rest of your labels and tag them with ZZZ. It took me 5 minutes and you’ll never have to do it again.
  • If you still have labeled email to tag with ZZZ, go to START
  • See that wasn’t so bad. 😀 Unless you have like 500 labels. 😐
  • If you do have more than 100 labels, I suggest 43 Folders.
  • Done!

Now you can use this magical search string:

-label:zzz -from:me -is:chat -in:inbox

Go ahead and paste that into your email search box. This means: Show me everything that IS NOT labeled ZZZ, that IS NOT from me, IS NOT a chat, and IS NOT already in the inbox. Since you tagged all the email you know about with ZZZ, items orphaned with no labels were not tagged. Your long lost archived items will appear! I had about 150 items that I selected and placed back into the inbox for me to go through in the next couple days.

What’s next?

  • Delete the ZZZ label now that you have no further use for it.
  • Never blindly hit the archive button again. You promised! 🙂
  • Get Google to make a search parameter for “label = null”
  • Enjoy your discovered conversations from the last few years!

Have a happy and prosperous New Year!

mcafeesecure password security fail

I’ve been using KeePass at the office and have really started letting it manage the hundreds of passwords I need to keep track of as a systems admin. Out of all of the sites I use, this one surprised me. The default 20 character KeePass password has failed mcafeesecure.com. Really? Too long? For a website security company 16 characters is all you need apparently. Even their giant text box html can handle 40 characters! 🙁

Gap-less play in Winamp – really?!

File this under: “Things I should have figured out in 1997.” Today I was listening to The Police – Zenyatta Mondatta very loudly. Between track 2 and 3 there was a dramatic gap that I could fit a truck into. Out of nowhere this made me think: It’s 2010 and I can’t listen to an album in mp3 without half second gaps? I know I tried to solve this problem once in Winamp and probably just gave up on it. Probably because it’s not THAT big of a deal, I missed the right buttons to get it working, or I should have stopped using Winamp 5 years ago. 😐

Well, I still use good’ole Winamp 5.0.5. Why? Because it plays MP3’s. It’s not a: download manager, media database, video player, encoder, weather bug, malware, virus, and it uses 1 process on my PC – not 5 and 3 applications plus 2 services that stay resident in memory should I decide to plug in my portable music player. /rant When it installs by default the gap-less play is not enabled. No time like 13 years later to fix something.

Fix this by going to Preferences (Ctrl + P) / Output / DirectSound / Configure
Set buffer ahead on track change to something more than ZERO. Five hundred worked for me.
Check ‘remove silence at the beginning – end of track’.

Games for Windows LIVE gets me over a barrel.

Last night my friends and I wanted to play some Dawn of War II. I bought the game sometime last year and it’s been installed and running perfectly on my PC. I start the game on Steam and it tells me that a Windows LIVE update needs to be downloaded. I wait for the blue bar to finish and I get a message that says I “may” need to restart when finished. Dawn of War II closes and I get dropped to desktop with no further explanation. I repeated this update process about 5 times with the same results. I then tried to install GFWL (Games for Windows LIVE) gfwlivesetup.exe

Games for Windows LIVE needs SP3

Oh I see. So now I can’t play a game that I paid $50 for – on my stable SP2 XP machine. The machine that played this game perfectly fine a few months ago now needs SP3 or else. There is no work-around and no way to bypass the service pack check. (Although I would bet money that if the SP check were removed from the installer, it would function fine.) No, I see this for what it is: Microsoft forcing their OS upgrades down your throat. I have two choices: Upgrade to SP3 for the next 3 hours and figure out what it broke over the next two weeks, or uninstall Dawn of War II, and play it on my new Windows 7 PC I’m planning to build in a month. OR MAYBE I’ll never re-install it and never buy another “Games for Windows LIVE” game again.

Either way, instead of a fun game night, Microsoft has ruined it and made me think twice about their product offerings. Thanks Games for Windows! 😀

ix2 NAS Drive Failure.

I was copying pictures to my network drive and I noticed that it was responding slowly. Taking a good ten seconds to draw a .jpg preview. I logged into my Iomega Storcenter ix2 and the dashboard told me the news: “A drive is missing from the device”

I immediately made a backup to my workstation. Once copied, I completely shut down the Storcenter, opened it and checked the connections. In order to see that it was a drive that had failed and not the board, I swapped the SATA cables for the two drives, tightened it all up and turned it back on.

What I next learned was that I have little patience for blinking lights. “What are you doing NAS drive?” I asked. “You respond to a ping, but that’s it.” No web interface… Well, let’s see what’s really going on. Connect via SSH and run this command:

cat /proc/mdstat

You’ll get actual information about what’s going on. At first I saw that the drive was rebuilding and was at 32.4% with 109 minutes remaining. A few minutes later I ran the command and got something like 33.8% with 132 minutes remaining. Okay – time to get dinner and wait for this to finish.
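What to look for in that output, as an added Python example (not code from this post or from Iomega): it parses /proc/mdstat text and reports which arrays are degraded and how far a rebuild has progressed. The sample text is constructed, with made-up device names and sizes, and the function names are this example's own.

```python
import re

# Constructed sample of /proc/mdstat during a RAID1 rebuild (names and sizes made up).
SAMPLE = """\
Personalities : [raid1]
md1 : active raid1 sdb2[2] sda2[0]
      486279424 blocks [2/1] [U_]
      [======>..............]  recovery = 32.4% (157554560/486279424) finish=109.0min speed=50123K/sec

md0 : active raid1 sdb1[1] sda1[0]
      2040128 blocks [2/2] [UU]

unused devices: <none>
"""

ARRAY = re.compile(r"^(md\d+) : (\S+)")                # array name and state
MEMBERS = re.compile(r"\[(\d+)/(\d+)\] \[([U_]+)\]")   # [wanted/present] [U_ map]
PROGRESS = re.compile(r"(recovery|resync)\s*=\s*([\d.]+)%.*?finish=([\d.]+)min")

def parse_mdstat(text):
    """Return {array: info} with degraded flag and any rebuild in progress."""
    arrays, current = {}, None
    for line in text.splitlines():
        m = ARRAY.match(line)
        if m:
            current = arrays.setdefault(
                m.group(1), {"state": m.group(2), "degraded": False, "rebuild": None})
            continue
        if current is None:
            continue  # header lines before the first array
        m = MEMBERS.search(line)
        if m:
            want, have, flags = int(m.group(1)), int(m.group(2)), m.group(3)
            current["degraded"] = have < want or "_" in flags
        m = PROGRESS.search(line)
        if m:
            current["rebuild"] = {"kind": m.group(1),
                                  "percent": float(m.group(2)),
                                  "finish_min": float(m.group(3))}
    return arrays

def needs_attention(arrays):
    """Arrays that are degraded and not currently rebuilding."""
    return sorted(n for n, a in arrays.items()
                  if a["degraded"] and a["rebuild"] is None)

if __name__ == "__main__":
    for name, info in parse_mdstat(SAMPLE).items():
        print(name, info)
```

A `[2/1] [U_]` line with no recovery line under it is the case worth alerting on: a member is missing and nothing is being rebuilt.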

When I returned, the missing drive was back online. Crisis averted? Nope. The next morning I checked my email and had received this from sohostoarge:
The Iomega StorCenter device is degraded and data protection is at risk. A drive may have either failed or been removed from your Iomega StorCenter device. Visit the Dashboard on the management interface for details. To prevent possible data loss, this issue should be repaired as soon as possible.

Awesome. 😐 Well, at least my email script still works.
Later that afternoon I picked up a 500GB WD Caviar Green from BB for $56. The Green drives are quieter, a little slower, and use less power – great for this application. I took the ix2 apart AGAIN, and removed the barely 3 year old Seagate Barracuda 7200.11 out of the device. I know that people have hardware preferences out there, and I know they differ, but here’s mine: I don’t buy Seagate drives. Ever. I’ve been a computer tech for over ten years. (Of course I bought the ix2 without knowing it comes with 2 of them 🙂 )

After closing up the drive I powered the NAS up and watched the magic. The new drive rebuilt and I got a steady blue light on my ix2 when I checked later the next day. No Linux commands, no format, no partition, no RAID – just replaced the dead drive with a new one of the same size and we’re back in business. Am I pissed that this drive failed in 3 years? Sure. Did the Iomega ix2 do its job and keep my data safe? Absolutely!

If I didn’t need this data immediately I might have experimented with bigger drives, but I think I’ll upgrade to the ix4 before I ever try to upgrade the capacity of this little guy.