Sunday, July 22, 2018

KeePass 2 password manager

I've been recycling passwords based on two themes from past experience that aren't particularly clever. My strat is not swoll, and it keeps me guessing as to which permutation belongs to which account.

This is the experience and modus operandi of many when it comes to online security--bank accounts, the email account you use to change ALL of your passwords with, bill paying, online vendors, social media, work benefits, etc.

What if you lost access to that primary email account? Would you be excited and capable to start from scratch? I'm going to be frank--for me it would be devastating.

Fortunately password managers have been around for quite some time. There are feature-rich, subscription services and more spare, manual intensive (sometimes free) offerings, and everything in between.

Recently I started using KeePass 2.

This manager uses a locally stored, encrypted file to house passwords. It is opened with either a master password, or a master password + unique key file.

I'll detail my setup, because I think it's flexible enough for anyone to use reasonably easily (security geeks will cry because it totally negates KeePass 2's advantage of having a local file, but I'm ok with that because I'm a nobody, and this is very convenient).

Requirements:
USB drive (cheap, probably lying around)
Dropbox (or other cloud storage drive--most are free to use for the basic version)
KeePass 2 software (open source, free to use)
KeeAnywhere (free to use plugin | getting started)
HaveIBeenPwned (free to use plugin)

Process:
1. I downloaded the latest version of KeePass 2 to my primary desktop at home. This will include the ability to use multiple computers, and even a work computer. You can use the "Installer for Windows" .exe file if that's appropriate for your system. There are many supported systems.

2. After install, you need to create a database for your passwords: File > New. This is where you will set your master password. YOU MUST NOT FORGET THIS PASSWORD, BUT IT WILL BE THE ONLY ONE YOU NEED TO REMEMBER (and you can add a key file if you choose--don't lose that either if you choose to go that route).

First steps

To follow the method I use, you should save this database file in a cloud storage drive (Dropbox, Google Drive, etc.). The installation you did on your home computer will allow you to select it locally if you have Dropbox or another cloud storage program installed on your computer.

3. Now that you have a database you can start adding to it. I did this by looking at the passwords I was storing in my browser, and adding those first--then remove them from your browser! You can add them all at once, or slowly accumulate them as you remember which accounts you actually have. You're now set up to use the software with your current passwords without relying on an unsecured browser to remember them, or you can use the built-in password generator to change to better passwords.

4. To use the same synced database on multiple computers however, we have to (maybe) use a plugin. This is the KeeAnywhere plugin linked above. It lets you open a database file from cloud storage.

On the second computer you will be using (maybe a laptop), install KeePass 2.

If you already have your cloud storage accessible locally on this computer (e.g. you're running Dropbox) then you're all set, and can just open your file from wherever your Dropbox files are stored.

However, if you don't have your cloud drive running with local files on your computer you'll need KeeAnywhere.
Go to the "getting started" page I linked above and add the plgx file to the "Plugins" folder located wherever you installed KeePass 2 (probably in "Program Files" somewhere). To install the plugin, you'll need to close and then re-open KeePass 2.
It usually requires admin access, so you may not be able to do this at work (Side note: my work IT allowed me to install KeeAnywhere because they support using password managers--it never hurts to ask).

5. After re-opening KeePass 2, go to: Tools > KeeAnywhere Settings...
This will take you to a dialog that will let you link to accounts (first steps). You can then open your database file: File > Open > Open From Cloud Drive...

6. Cool. Now you can save your database from this computer, and because it opened the file from your cloud drive it also saves the file to your cloud drive--both computers have access to the same database. Keep in mind that this method relies on you (or the nice people at Dropbox, Google Drive, etc.) to keep your database file backed up.

7. If you want to take your database anywhere and use computers where you might not have install permissions (e.g. at work, the library, a friend's house), we can solve that too. Get out your USB drive and plug it into your computer.

Go back to the downloads page and instead of the .exe version, download the "Portable" .zip file and save it on your USB drive.

After you extract the files on your USB, you can run the program directly from the USB without needing to install it on a work or public computer.

8. Go through the same process of installing the KeeAnywhere plugin to your USB "Plugins" folder and adding the cloud drive and database of your choosing.

VOILA--now you have access to your computers in multiple locations.

===================================================

But your passwords are terrible and you really need to get those cleaned up.

"Ohhhh, but I don't want to," you whine, "nobody will care about stealing anything from little old me."

It's funny you should think that. Your passwords have already been stolen--you've been pwned. Don't look at me! I didn't steal your data! Though I'd love to...all that sweet, juicy data :P

They were stolen from Adobe, Dropbox, LinkedIn, Gawker, Tumblr, AND SO MANY MORE!

You can even check if your email info was breached, from here.

Now that you've got a sweet database of your passwords though, let's use a plugin to check the security of your passwords, so you can change any that have been compromised.

This is when you put the plgx file from the HaveIBeenPwned plugin into the "Plugins" folder of one of your installations. You'll need to install it separately in each installation of KeePass 2 if you want the plugin available on all your computers.

After re-opening KeePass 2, go to: Tools > HaveIBeenPwned.

You can check your database by site/service, username, or password.

Use the plugin to check against both available databases provided, and then change your passwords if you haven't already. You'll have to log in to each separate account and do it manually from there.

There may be some false positives due to the way the search is run, but you can be pretty confident that if you used the password generator to change one and had between 15 and 32 characters (upper and lower case with numbers--and maybe even special characters), that your password is secure.

Happy safe passwords.

AND REMEMBER TO DEFINITELY NOT FORGET YOUR MASTER PASSWORD.
Put it in a safe or something if you need to.

Saturday, June 02, 2018

An emphatic no

Will Calvin be a Comprehensive Liberal Arts College or a Liberal Arts University?

This question was being considered at a panel discussion I attended last fall, and questions were being asked as to the questions we should ask when considering such a question. Ha! I know.

In the time between when I started this post and its publication the question has been answered: yes.

I concede that this question is relevant, valuable, and necessary to consider for the health of Calvin as it continues into the 21st century.

As an engineer I scream: "Calvin should not be a Liberal Arts University!!!!*"

*whatever L.A.U. means, and however you define it, which is still being worked out in earnest

Perhaps there is room for compromise: "engineering at Calvin should not be expected to expand into an R1 mode!!!!"

It feels like I'm deflecting from the question at hand, however I think the case of engineering maps reasonably well to the rest of the departments at Calvin.

Our engineering department is great at many things. We have dedicated, knowledgeable teachers who come from diverse industrial and academic backgrounds and disciplines. These women and men care deeply about engineering, love the discipline, and care for the health and edification of their students--faculty at R1 institutions also care deeply about their students, however their primary focus in many cases is facilitating excellent research programs, which is a beneficial yet fundamentally different aspect of education and the academy. The primary focus for Calvin faculty is not on grant applications and research program direction.

It's not about being approachable (the doors to faculty offices at R1's are open to students), but rather has to do with the focus of the faculty. Intention gets you far, but purpose is at the heart of Calvin's devotion to equipping students (recite it with me! with gusto!) to think deeply, to act justly, and to live wholeheartedly as Christ's agents of renewal in the world.

I loved the time I spent in graduate study at an R1 institution. It gave me an enormous appreciation for R1 institutions, and more so for the engineering program at Calvin College.

As a TA in engineering, it was clear that while undergraduate students were to be cared for, research was the focus and the important factor. I have never felt this sentiment at Calvin, neither as a student nor as a member of the teaching staff. We do excellent research here--it remains student-focused.

Calvin is good at letting students do any and all of the things they desire (though it may take a bit of time) because Calvin is hyper-permeable. Debra Rienstra, of the English department, made a great point about permeability in education, and allowing students the option to passionately study engineering and music, for example. This is so easy to do at Calvin--talented students do it often.

Personally I was able to pursue both chemical engineering and chemistry majors (a pairing that dovetails almost too easily) and felt integrated and welcomed in the chemistry department though my degree would ultimately be in engineering. I also personally know many students who have combined music with engineering, or public health, or literature--permeability!

The matter of purposeful student development is of real practical meaning and action to me. I have taught at Calvin for a few years now and have found renewed purpose and academic redemption of sorts.

So what does Calvin gain? An excerpt from the official press release:
Le Roy says the rationale for Calvin becoming a university is strong, including Calvin’s strength, breadth, and depth of its academic programs; new opportunities for academic innovation; and the college’s increasing influence with students and higher education partners around the globe. The college also has a large international student population for whom “university” is more visible and better understood than “college.”
Calvin leaders also see the university structure combined with increased collaboration as creating a more prominent platform for the institution to express its mission through opportunities and innovation within and across disciplines, professional programs, and centers and institutes.

“A move to a university with a liberal arts foundation both names what we already do and liberates us to do that work better,” said Kevin den Dulk, political science professor at Calvin College and executive director of the Henry Institute. “I’m especially enthusiastic about using the university structure to expand our global reach, which is already considerable yet has a lot of room to grow.”
The bulk of the argument seems to hinge on recognition from international students. I understand the idea that with declining domestic enrollment, it will be key to bolster international recruitment and admissions. But surely reputation and name recognition go beyond the distinction between 'university' and 'college.' Are we now relying on a prospective student or parent to perk up at reading 'Calvin University' on print material, when 'Calvin College' would have caused them to merely gloss over it and move on? This is a weak premise to hang our hat on. Since I've heard 'international recognition' repeated more than almost any other talking point, I don't think this is a mischaracterization.

I truly don't see what the university structure of colleges versus departments will do to facilitate "increased collaboration" and innovation. Innovation and cross-department collaboration have been happening for years: ISRx, a project melding biology and chemistry departments, and the various interims and summer programs that unite business, engineering, and German programs are two prominent examples that have paid enormous dividends for the departments in question.

Finally let's consider the professional programs. From the standpoint of engineering, I just don't see where the funding is going to come from to provide for post-baccalaureate educational opportunities. Our engineering building is already at capacity hosting senior design team efforts. Where are the research facilities going to appear from for students to do thesis research on one or two year master of engineering programs? Where is the lab space going to open up for chemistry or biology PhD work? No one is arguing for an immediate ascent to R1 status of course, but I also haven't seen a coherent vision of what Calvin University will mean for the different departments/colleges. Certainly such a vision would not need to be set in stone, but I haven't heard even a whiff of a plan for my department, and that concerns me.

Calvin seems to be doing just fine without a 'university structure.' I truly hope that this choice was not made for feathering caps, and prestige.

We'll see what visions develop.