|
|
04-20-2022, 08:12 PM
|
#21
|
Platinum Member
Join Date: Aug 2007
Location: Minnesota
Posts: 5,967
|
I haven't got facial recognition on my new MacBook Pro laptop like iPhones but they have put in a fingerprint recognition key on the keyboard which I didn't have before. A lot of websites mostly financial or first time sign on are going to two step recognition to sign on such as texting or emailing a 6 number code you then have to input. Log on here is just fingerprint recognition. You can have long passwords automatically generated and encrypted which I could not possibly remember nor store but my finger evidently knows.
__________________
Davydd
2021 Advanced RV 144 custom Sprinter
2015 Advanced RV Extended body Sprinter
2011 Great West Van Legend Sprinter
2005 Pleasure-way Plateau TS Sprinter
|
|
|
04-20-2022, 08:42 PM
|
#22
|
Platinum Member
Join Date: Aug 2010
Location: Minnesota
Posts: 12,452
|
Quote:
Originally Posted by Davydd
I haven't got facial recognition on my new MacBook Pro laptop like iPhones but they have put in a fingerprint recognition key on the keyboard which I didn't have before. A lot of websites mostly financial or first time sign on are going to two step recognition to sign on such as texting or emailing a 6 number code you then have to input. Log on here is just fingerprint recognition. You can have long passwords automatically generated and encrypted which I could not possibly remember nor store but my finger evidently knows.
|
Does it have the be the reader on that computer or could you log in on someone else's if your reader died?
|
|
|
04-20-2022, 09:28 PM
|
#23
|
Platinum Member
Join Date: Aug 2007
Location: Minnesota
Posts: 5,967
|
I can't answer that question offhand because I haven't signed on to any computer but my own. But when I first log on to anywhere and set up a password it then works on all my devices computer, iPad with different fingerprint recognition or iPhone with facial recognition I have set up. Most of my important websites I do know the passwords and if not I can get to them with facial recognition or fingerprint recognition and then I would assume if using another person's computer I would have to input them. When buying a new device the initial setup sets them up on the new computer or devise. I'm totally in the Apple sphere and Apple's iCloud servers for recovery. No Windows or Android. I do have personal passwords based on a word not in any dictionary that I have totally made up with further variations. It is not rumplestiltskin.
__________________
Davydd
2021 Advanced RV 144 custom Sprinter
2015 Advanced RV Extended body Sprinter
2011 Great West Van Legend Sprinter
2005 Pleasure-way Plateau TS Sprinter
|
|
|
04-20-2022, 09:48 PM
|
#24
|
Platinum Member
Join Date: Oct 2018
Location: MN
Posts: 520
|
Quote:
Originally Posted by booster
Does it have the be the reader on that computer or could you log in on someone else's if your reader died?
|
AFAIK, the two-factor schema implemented by technology companies, banks (etc) typically have more than one means of authenticating. For Microsoft products, that can include a push notification to your phone, a dial-back to a voice phone, etc.
Because key-loggers are still a major threat, the less often I type passwords into a web sites, phones or computers, the less likely I am to have an account compromised. On my phones and laptops I use face or fingerprint where possible.
The general trend is towards eliminating the use of passwords, relying instead on other means of authenticating.
|
|
|
04-20-2022, 10:02 PM
|
#25
|
Platinum Member
Join Date: Oct 2018
Location: MN
Posts: 520
|
Quote:
Originally Posted by felixw
What's Win11 like with regard to logging in? Why does anyone want to waste time logging in to a home PC everytime they want to use it?
|
With my near-new laptop, Windows 11 facial recognition is near-instant. With my 5 year old laptop, it's a 3-4 second delay. Fallback can be a PIN number or push notification to a phone. If set up that way, one never has to type a password on a keyboard, eliminating the risk of keylogging by a bad actor. The faceprint and PIN are stored locally, not in the cloud, so cannot be hijacked and used by a bad actor to access data in the cloud.
Quote:
Originally Posted by avanti
This is also why, despite the inconvenience, it is essential to never run your system with unencrypted storage. It is really hard to overstate how important this is in today's world.
|
Good advice.
Quote:
Originally Posted by avanti
I have no idea how good a job MS is doing these days, since I don't do anything sensitive on a PC. However, in the Apple ecosystem, all of this is extremely well though-out and implemented. That is why the FBI needs to go to Israeli intelligence to unlock an iPhone if its owner won't cooperate.
|
AFAIK, on PC's and laptops, Microsoft has very good implementations - at least as good as Apple. The major component that's missing is a functional equivalent of the Apple keychain. They have the Authenticator app, which has password management, but it's not integrated into Windows 11.
|
|
|
04-20-2022, 10:40 PM
|
#26
|
Site Team
Join Date: Jul 2013
Posts: 5,428
|
A little "delighter" that has shown up in recent versions of Safari is a feature whereby the browser detects a 2-factor authorization dialog and automatically pastes the code into the "input your code here" field as soon as it is delivered via SMS. Made me smile.
__________________
Now: 2022 Fully-custom buildout (Ford Transit EcoBoost AWD)
Formerly: 2005 Airstream Interstate (Sprinter 2500 T1N)
2014 Great West Vans Legend SE (Sprinter 3500 NCV3 I4)
|
|
|
04-20-2022, 10:46 PM
|
#27
|
Platinum Member
Join Date: Mar 2014
Location: Herndon, Virginia
Posts: 507
|
I have used 1 Password for years and am presently testing out Bitwarden. I love 1 Password and am using the original purchased version. They keep bugging me to "upgrade" to the subscription model, which is why I am testing Bitwarden, which is free. I access 1 PW with a single long and complex PW which is easy to remember because it is the only one I have to memorize. My encrypted PW vault is stored in the cloud in Dropbox so I can access it anywhere on any machine. I also take advantage of 2 factor ID. I am exclusively MAC: I left Uncle Bill's Windows a long time ago and have watched the steady parade of Zero day exploits and patches from Vista, Win 8, Win 10 and now Win 11...142 critical security patches last Patch Tuesday, that has to be a record. OH, and MAC OS can talk to you in UNIX.
|
|
|
04-20-2022, 10:49 PM
|
#28
|
Site Team
Join Date: Jul 2013
Posts: 5,428
|
Quote:
Originally Posted by JohnnyFry
I have used 1 Password for years and am presently testing out Bitwarden. I love 1 Password and am using the original purchased version. They keep bugging me to "upgrade" to the subscription model, which is why I am testing Bitwarden, which is free. I access 1 PW with a single long and complex PW which is easy to remember because it is the only one I have to memorize. My encrypted PW vault is stored in the cloud in Dropbox so I can access it anywhere on any machine. I also take advantage of 2 factor ID. I am exclusively MAC: I left Uncle Bill's Windows a long time ago and have watched the steady parade of Zero day exploits and patches from Vista, Win 8, Win 10 and now Win 11...142 critical security patches last Patch Tuesday, that has to be a record. OH, and MAC OS can talk to you in UNIX.
|
Why do you choose third-party pwd management rather than the native Apple stuff? Not being critical--just curious.
__________________
Now: 2022 Fully-custom buildout (Ford Transit EcoBoost AWD)
Formerly: 2005 Airstream Interstate (Sprinter 2500 T1N)
2014 Great West Vans Legend SE (Sprinter 3500 NCV3 I4)
|
|
|
04-20-2022, 11:01 PM
|
#29
|
Platinum Member
Join Date: Mar 2014
Location: Herndon, Virginia
Posts: 507
|
I have been using 1 PW since long before Apple initiated Keychain. I do also use Keychain, but I have a boatload of legacy stuff in 1PW. It also holds stuff like my Passport, Drivers license and notes of things like combination lock combinations.
|
|
|
11-30-2022, 07:35 PM
|
#30
|
New Member
Join Date: Nov 2022
Location: Derbyshire
Posts: 1
|
Is win11 still free to upgrade from win10 or do you need to pay for it now?
|
|
|
12-02-2022, 03:59 PM
|
#31
|
Platinum Member
Join Date: Nov 2017
Location: Michigan
Posts: 268
|
Quote:
Originally Posted by firemanbenz
Is win11 still free to upgrade from win10 or do you need to pay for it now?
|
We're continuing to receive Microsoft solicitations to upgrade so we suspect the upgrade remains free.
On the bigger issue, we're glad we found this thread before making the decision to upgrade as our storage is a file-server (NAS) that many computers access. Can anyone comment on how this new 'encryption' is handled on external storage devices and, if such external servers are encrypted, how do the multiple other computers gain access to this common encrypted data?
__________________
2016 159" High Top DIY ProMaster with 500ah Starlight Solar/Elite LiFePo4, 930 watts Hyundai Solar w/MidNite Solar Classic MPPT, Magnum 2812/MMP250-60S Charger/PSW w/remote, Nations 280amp 2nd Alternator with DIY [formerly, Balmar] regulator, NovaCool R4500 12/120v frig, 2 burner TruInduction cookstop, SMEV 8005 sink, FloJet R4426143 pump. No A/C or indoor washroom.
|
|
|
12-02-2022, 04:13 PM
|
#32
|
Platinum Member
Join Date: Aug 2010
Location: Minnesota
Posts: 12,452
|
Quote:
Originally Posted by Winston
We're continuing to receive Microsoft solicitations to upgrade so we suspect the upgrade remains free.
On the bigger issue, we're glad we found this thread before making the decision to upgrade as our storage is a file-server (NAS) that many computers access. Can anyone comment on how this new 'encryption' is handled on external storage devices and, if such external servers are encrypted, how do the multiple other computers gain access to this common encrypted data?
|
That is very interesting question. Most don't have that kind of system, but data protection in general is very important to me.
Microsoft appears to be expanding from the OneDrive routine that has been around for a while which was always intruding and generating uploads of data when it was on my computer. It would lock the files on the computer so you had to connect to Microsoft to see or use them and when you did that is copied and locked even more files. It would also turn itself on at every update and upload anything that it didn't already have. I still have several folders/files on my computer that are locked and unopenable from then.
The encryption with Microsoft holding the key is very similar, I think, as they will be controlling all the access to all of your data if you let them do it. The way they turn stuff on during updates is a scary thing about it will happen with the encryption also.
I can't imagine how that could wreak havoc on a server where more than your computer are storing things.
Encryption isn't necessarily bad, but I want the stuff stored on my computer or backup drive and I want to hold the key.
|
|
|
12-02-2022, 04:37 PM
|
#33
|
Site Team
Join Date: Jul 2013
Posts: 5,428
|
Quote:
Originally Posted by booster
Encryption isn't necessarily bad, but I want the stuff stored on my computer or backup drive and I want to hold the key.
|
Encryption isn't just "not bad," it (IMO) is getting very close to being absolutely essential. Essential services (banking, government credentials, etc) are rapidly moving 100% on-line. Although lots of people try to opt-out of this (and I don't really blame them), this is becoming increasingly untenable. And living an on-line life without end-to-end encryption is insane. If your stuff is not "at rest" encrypted on your mass storage devices, a physical breach of your equipment could be catastrophic. (This is particularly relevant to RVers, since we inevitably carry much of our digital stuff around with us in less-than-secure vehicles).
That said, I couldn't agree more about the importance of keeping exclusive personal control of your keys--for so many reasons I won't even get started. I know that people either love Apple or they hate it, but if this issue is important to you (and it should be), you should take a careful look at how they comport themselves when it comes to end-to-end encryption and key management. Whatever you think of their other design decisions and business practices, their commitment to delivering both security and privacy has no peer in the industry. Those cases in which the FBI has to go to Israeli government hackers to crack an iPhone are telling.
__________________
Now: 2022 Fully-custom buildout (Ford Transit EcoBoost AWD)
Formerly: 2005 Airstream Interstate (Sprinter 2500 T1N)
2014 Great West Vans Legend SE (Sprinter 3500 NCV3 I4)
|
|
|
12-02-2022, 04:38 PM
|
#34
|
Platinum Member
Join Date: Oct 2018
Location: MN
Posts: 520
|
Quote:
Originally Posted by Winston
On the bigger issue, we're glad we found this thread before making the decision to upgrade as our storage is a file-server (NAS) that many computers access. Can anyone comment on how this new 'encryption' is handled on external storage devices and, if such external servers are encrypted, how do the multiple other computers gain access to this common encrypted data?
|
Modern operating systems (IoS, Android, Windows 10+) default to encrypted local file systems. I.E. - It's possible that your local file system is already encrypted (Control Panel/Manage Bitlocker). Once a file is transferred to a networked file server (or NAS) it's automatically unencrypted. Whether or not the file server or NAS re-encrypts when storing the file is dependent on the configuration of that device. If configured to encrypt storage, the files will be automatically encrypted when stored, and unencrypted when they are accessed via the network.
|
|
|
12-02-2022, 04:54 PM
|
#35
|
Site Team
Join Date: Jul 2013
Posts: 5,428
|
Quote:
Originally Posted by @Michael
Modern operating systems (IoS, Android, Windows 10+) default to encrypted local file systems. I.E. - It's possible that your local file system is already encrypted (Control Panel/Manage Bitlocker). Once a file is transferred to a networked file server (or NAS) it's automatically unencrypted. Whether or not the file server or NAS re-encrypts when storing the file is dependent on the configuration of that device. If configured to encrypt storage, the files will be automatically encrypted when stored, and unencrypted when they are accessed via the network.
|
This correctly describes "traditional" network file servers, and the majority of consumer-level computing probably still works this way. However, it is NOT state of the art. Modern techniques employ "end-to-end" encryption, in which the data are NEVER decrypted, either when at rest or in motion. Unfortunately, to avail yourself of this level of protection often means buying into a single-vendor ecosystem. I haven't been tracking efforts as open-standards for cross-vendor end-to-end encryption, but I am sure it will emerge eventually.
FWIW, here is Apple's current take on all of this:
https://support.apple.com/en-us/HT202303
__________________
Now: 2022 Fully-custom buildout (Ford Transit EcoBoost AWD)
Formerly: 2005 Airstream Interstate (Sprinter 2500 T1N)
2014 Great West Vans Legend SE (Sprinter 3500 NCV3 I4)
|
|
|
12-02-2022, 05:11 PM
|
#36
|
Platinum Member
Join Date: Nov 2017
Location: Michigan
Posts: 268
|
Quote:
Originally Posted by booster
Microsoft appears to be expanding from the OneDrive . . .
|
Quote:
Originally Posted by avanti
Encryption isn't just "not bad," it (IMO) is getting very close to being absolutely essential . . . (This is particularly relevant to RVers, since we inevitably carry much of our digital stuff around with us in less-than-secure vehicles).
I know that people either love Apple or they hate it . . .
|
Quote:
Originally Posted by @Michael
Modern operating systems (IoS, Android, Windows 10+) default to encrypted local file systems . . . Once a file is transferred to a networked file server (or NAS) it's automatically unencrypted . . .
|
We are very conscious of back-ups . . . while traveling we typically maintain the server and 2 additional backups. When we arrive at home, we place another copy off-premises and update 2 more copies at our home. Annually, we take a complete back-up to a safe deposit box. This has saved us . . . as, over the years we've been hit with ransom viruses three times (we've tightened our 'practices' and hopefully are now less susceptible because, back-ups notwithstanding, fixing computers and servers hit by such viruses can be multiple day projects).
Because of the above-noted extensive 'terrestrial' back-ups, we have elected NOT to use cloud based storage. Further reasons include: 1) we're not always connected to the Net; 2) Net services disappear or become suddenly more expensive; 3) It now takes 12TB to back-up all our data - - with our often questionable connections to the Net, moving this much data can be impractical and, we assume, costly.
But, Avanti, you have us rethinking 'protection'. Currently all our life secrets are carried with us in the RV on the noted NAS/Server. And it is unprotected. So our challenge will be to discover/configure an encryption system for our Asustor server. Any suggestions are welcome.
As for Apple, guess we're one of the 'haters' - - mostly because we've been playing with DOS/Windows for over 3 decades and are not anxious to swap-out many devices and learn a new system. Further, much of what we do is based on Windows based programs.
So, we're hoping that Windows 11 will not interfere with our 'terrestrial' system of file storage and backing up and will allow us to develop a separate system of encryption.
__________________
2016 159" High Top DIY ProMaster with 500ah Starlight Solar/Elite LiFePo4, 930 watts Hyundai Solar w/MidNite Solar Classic MPPT, Magnum 2812/MMP250-60S Charger/PSW w/remote, Nations 280amp 2nd Alternator with DIY [formerly, Balmar] regulator, NovaCool R4500 12/120v frig, 2 burner TruInduction cookstop, SMEV 8005 sink, FloJet R4426143 pump. No A/C or indoor washroom.
|
|
|
12-02-2022, 05:17 PM
|
#37
|
Site Team
Join Date: Jul 2013
Posts: 5,428
|
Quote:
Originally Posted by Winston
As for Apple, guess we're one of the 'haters' - - mostly because we've been playing with DOS/Windows for over 3 decades and are not anxious to swap-out many devices and learn a new system. Further, much of what we do is based on Windows based programs.
|
I want to be completely clear that I am in no way trying to convert anyone to Apple. I totally get the costs of changing, even if one wanted to, which many don't. Moreover, I hope that this thread doesn't turn into an Apple vs MS debate. (if it does, I will put my moderator hat on and start by deleting my own message.)
The ONLY reason I mentioned Apple is because their security/privacy model is genuinely state-of-the-art and worth understanding.
__________________
Now: 2022 Fully-custom buildout (Ford Transit EcoBoost AWD)
Formerly: 2005 Airstream Interstate (Sprinter 2500 T1N)
2014 Great West Vans Legend SE (Sprinter 3500 NCV3 I4)
|
|
|
12-02-2022, 05:33 PM
|
#38
|
Platinum Member
Join Date: Oct 2018
Location: MN
Posts: 520
|
Quote:
Originally Posted by Winston
So our challenge will be to discover/configure an encryption system for our Asustor server. Any suggestions are welcome.
|
From a quick read of ASUSTOR docs, it looks like it supports folder encryption. That might be a good place to start.
Quote:
Originally Posted by Winston
So, we're hoping that Windows 11 will not interfere with our 'terrestrial' system of file storage and backing up and will allow us to develop a separate system of encryption.
|
I'm pretty sure you'll still be compatible. Windows 11 has disabled a very old file share protocol (SMB/CIFS 1.0), but it's unlikely that you are using it.
|
|
|
12-02-2022, 06:07 PM
|
#39
|
Platinum Member
Join Date: Aug 2010
Location: Minnesota
Posts: 12,452
|
When I got the current PC probably 4 years ago, Microsoft was making it near impossible to get Windows 10 activated as standalone account and would make you have an MS account and always sign in through them. The got so much flack on it that they finally backed off and made it so you setup as standalone, but to do it I still had to have an MS account or they wouldn't do updates.
As Avanit said, they are all trying to lock you into their system by holding you kind of hostage with your own security protections.
My question would be...How secure are the encryption keys at Microsoft? Hackers have been able to get into essentially anything if it is worth their time, I think. What would all those keys be worth?
|
|
|
12-02-2022, 07:04 PM
|
#40
|
Platinum Member
Join Date: Oct 2018
Location: MN
Posts: 520
|
Quote:
Originally Posted by booster
My question would be...How secure are the encryption keys at Microsoft? Hackers have been able to get into essentially anything if it is worth their time, I think. What would all those keys be worth?
|
Info on Onedrive Security
FWIW - I made the decision to 'trust the cloud' years ago.
I used to roll my own home backups using tools I wrote that were equivalent to Apple's Time Machine (and preceded Time Machine by many years), with rotated offsite backups & etc. Given the capability of modern cloud providers, I'm more than happy to offload that to a cloud provider.
Before I retired, I helped initiate a migration of billions of records of finance, HR and student data, hundreds of millions of staff and student files, a million identities and hundreds of thousands of e-mail accounts to cloud providers (mostly Microsoft).
Jumped in with both feet.
--Mike
|
|
|
|
|
Posting Rules
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
HTML code is Off
|
|
|
|
» Recent Threads |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|