Wednesday, June 13, 2012

Hole To China

If you've been a regular reader of my site, you'll know that I am an avid listener to audio-books during my commute to and from work. My latest story, "A Hole to China" by Catherine M Valente is available on Lightspeed magazine's website.

This story is about an "exceptional" girl, who wants to be more like the popular crowd. She believes that she can do this by mimicing what they do.
If a child carries a shovel, for example, adults will laugh among themselves and say that the little one is digging a hole to China. This is what exceptional children do.
So, she picks up her dad's shovel one night and starts digging in the middle of the family garden. It's once she digs down deep enough that the story takes an interesting turn of events and the lore tie-ins start to get interesting. I recognize some of the lore bits from other stories I've listened to but cannot place the origins.

This is one of the side quests that I think Blizzard could tie in nicely to the MoP environment. It may be create a funny twist (especially for D3 players) because the main character's name is Tristram. Imagine a quest where you could follow Tristram into her hole in the ground and explore the underground world that it leads to. 

You'll have to listen or read the story to full appreciate what I am eluding to. You can check out all of Lightspeed's podcast here



Friday, June 8, 2012

Importance of Changing Your Passwords..

In the past month, I've received notices from 2 different agencies that my password may have been compromised. Since I have been lazy, I may have used that same password on a few different web sites. Now is the time, for me, to start seriously fixing this.

Develop a new password. A password needs to be both memorable (aka don't need to write it down) and complex. This means that you need to combine a (at least 8) variety of elements into your password, including upper and lower case letters, numbers and symbols. Too hard?? No, not really. Start with a sentence that relates to the use, then use a sort of letter to symbol 'license plate' logic.

So, let's use:
I LOVE PANDA MONKS

By replacing characters and mixing in symbols, I'd probably change that to:

!LvP@ndaM1ks or
!LuVP&aM1ks

I find a nice rhythm in my passwords, when I start with a upper-case or a symbol character, then alternate back and forth between upper and lower. SHIFT+1,L v  SHIFT P,2 ... I have a hard time remembering passwords when it flips 'wrong' or uses symbols not from the top row (i.e. ;: >< ). Took me several days to remember "2Ba*!E8>^". Often those password keeper/generating tools create passwords that I can only remember if I use the tool.

Speaking of Password keepers, yes, I use one. My personal favorite is PWSafe. It's a free, open-source application that securely keeps logons and passwords for websites that you regularly visit. Inside this tool, is the option to generate passwords that meet your prerequisites. I use this often with sites like my work passwords (like vendor's support site), so that they don't match my personal passwords.

Once you've put all your passwords into a safe place, back the file up! I once configured the password keeper app on my cell phone. It was great because I always had my phone with me, so my passwords were in my pockets. One day, I reset my phone not realizing I'd losing all my data, including those passwords. Luckily, they were still fresh in my memory, so nothing painful.

Password change frequency. Define what you feel safe with. My employer's IT department enforces a 90 day password change policy on my logon ID. If you have someone shoulder surf your password while at your desk, 90 days is 'just' long enough that you'll probably be changing it soon after it happens. 30 days would probably be better, but then our help desk is resetting a lot of forgotten passwords. This account is not that visible and my only worries are fellow employees. Hopefully, corporate HR Policy (should) deters them from using my account for bad.

My bank account password should change monthly. It's openly visible to the Internet and IMHO responsible for a much more than my work PC. This is where I'd use PWSafe to generate a complex 15 character password that combined everything under the sun. OK, my wife may hate having to use PWSafe at first, but it would definitely be better than no summer vacation fund.

Blizzard password? I'd put it on the 6 month change cycle, especially if you have an authenticator (who doesn't?). I only play the game at home; so no one to shoulder surf my password (kids are too young, wife doesn't care). My only concern would be if some how my password is captured via a malicious process on my PC (keyboard tracker, etc.) and posted to the Internet. Get enough people trying to hack my authenticator, it will eventually happen.

This Blog's password? Evidently I need to change it more often than before. Google notified me that someone in another country (Netherlands) attempted to logon my account. I believe Google actually denied them, but then locked my account until I changed my password.

Don't be green with password recycling. I know it's tempting, but try to avoid reusing the same password over and over again. Spreading a single password thin across several accounts could open you up for some serious issues later on. Especially if those passwords are similar, like your bank and credit card company both the same "UG0tMy$$?" Now with an intercepted copy of your credit report, someone could potentally have access to both accounts.

Passwords are critically important in this digital age we live in. Make sure your accounts are secure by making memorable, but complex password. Building that password from a familiar sentence, then applying a basic replacement 'formula' will help you remember it. Change it often to prevent hackers from taking advantage. If you can't remember your password, or you're worried you may forget it, post it into a secure, encrypted password keeper (and back up that file to another location). Most importantly, don't recycle the password of your battle.net id and the email account tied to it.

Soapbox: Lazy Form of Raiding

Over the summer, I spent 2 weeks with my family (parents, brother's family and my family) on the beach in Maui. It was absolutely awe...