Category: Thought grazing

A Category to allow export to Just thoughts

Great new Plugin from Ordnance Survey for Mapping Trails

I’ve been using a WordPress Plugin called OS OpenSpace Maps for quite a while that allows the mapping of trails (I use .gpx format to record the trails) onto an OS Map.

This has worked well, but in updating a blog post I came across the information that the Ordnance Survey has produced a new plugin that works with their DataHub Maps service. This is an even better service and if you’re a low-use user, you can upgrade to the Premium level subscription to get 1:25,000 scale maps.

The map can be easily zoomed and can be clicked to take to full screen size.

Here are a couple of links to help you along the way of installing and using the plugin.

The Plugin Page on WordPress – https://wordpress.org/plugins/os-datahub-maps/

Using the OS Maps API (which you have to obtain after creating an account – https://osdatahub.os.uk/docs/wmts/overview

A guide to using the plugin – https://skirridsystems.co.uk/wordpress-plugins/os-datahub-maps/

Really neat!

 

Using a Password Manager and implementing Two Factor Authentication

Introduction – passwords, passwords, passwords.

Log in to your e-mail account. Log in to your bank account. Log in to Facebook, WhatsApp or twitter. Log in to your Amazon account, or any other retail site. Log in to your photo sharing service. Log in to Thought grazing, or any other membership based organisation eg U3A, Which?

 

Is it possible to remember the number of applications you use on a regular basis that require a password? How do you keep track of all of all those passwords?

Here are a few tricks you might have tried or considered (with hints about why you may want to steer clear of some of them):

    • Memorise passwords. This is a great technique if you use your passwords every day, but maybe not for those you only need occasionally. If you don’t use a password regularly, there’s a good chance you could forget it if you rely on your memory alone. In addition, Web browser cookies can remember your login session for days or weeks at a time, meaning you only enter the password manually once in a while even if you use it every day. This could therefore be a weakness and security breach if someone stole your computer. So to login to your computer, or connect to your bank this might be the best approach, but be mindful of the potential security breaches and use for only a limited number of uses. [NB The login credentials to your bank are not saved on your computer, but other sites may well store them in cache or cookies to make it “easier” for you to connect!]

 

    • Use the same password everywhere. Memorising a single password for every account does make life simpler. For security reasons, though, this isn’t a great idea, because it makes it easy for a hacker who finds your user name and password for one account to break into your other accounts, too. So what you could do is have a base (root) password that is the same, and then add something you believe you’ll remember to identify the pairing of the password with the site (a variable). Thus making the password unique to that site. So if you wanted to connect to Boots the Chemist you might choose “B00ts&” before your root password. I gave some ideas on choosing a root password in an earlier post.

 

    • Write passwords down on paper. This is an ideal solution if you can hide the written information where no one else has access and you can remember where that place is :-). However not only is this a risk if someone finds the list, but a written list or an assortment of scraps of paper could also be lost or damaged, and you’ll need to find and update the list each time you update a password. This is most definitely the most frequently chosen option, and most certainly is the worst option too.

 

    • Write passwords into a file on your computer or mobile device. This is less likely to get lost than the paper, but you do risk losing the file if you have hardware failure. In addition, this file is as vulnerable to hackers as other files on your computer. You could encrypt it for an added layer of security, which makes this strategy similar to the next solution. I used this option for a while with the file saved on Dropbox and protected by a Password, so it was safe from loss – but it wasn’t encrypted and most definitely wasn’t very safe – but it was a safer option than the previous method.

 

    • Use password management software. Password management software is a utility you can use to save and retrieve all your passwords. This software could be a standalone application on your local computer or a feature within another application (such as your browser) – or both. This option greatly limits hackers’ possible routes to your password data while adding convenient features for organising and retrieving information. This is the strategy that is strongly recommended for everyone and for use on a single computer – it can be FREE.

When I sat down to write this piece, I obviously looked around to see whether there was any information I could reference. After I’d done that, it was clear that there was no point in me re-inventing the wheel. So I point you at this excellent introduction to Password Managers and review of the leading Password Managers out there. Read it before you go any further!.

Password managers – how do they work? Are they safe?

So you’ve read the article mentioned above? Yes – then proceed. Otherwise I really do insist you go back and read it.

So now you know there are browser-based password managers, cloud-based password managers and locally-stored password managers. You do know that, don’t you? If not, go back and read this article again!

Are they safe? – you only have to remember ONE password, the master password, and that unlocks your Password Vault. So compared with unsafe, easy to guess passwords, or scraps of paper – they are very safe; and you can’t lose them, forget them, or mislay them. They’re all in one place!

How do they work? – well, I don’t need to tell you much about this because you’ve already read this, haven’t you? Essentially, you can choose to let the Password Manager generate random passwords for every site you need to provide login credentials for, or you can provide the Password Manager with a password when prompted. I tend to do the latter using the “variable + root” approach I discussed before. It’s not that I don’t trust my Password Manager, it’s just that for many of the sites that I use frequently, it’s quicker and easier for me to supply the password because I can remember it!

Which Password Manager you choose to use is down to your situation – you could read this Review of Password Managers – which picks Dashlane and LastPass as best products. Either of these would be good to implement and use but they have different use cases. I use LastPass and pay a small amount annually so that I can use it on more than one device. I also use it because as it’s cloud-based, I can log into my LastPass account from any machine and access my online services. Dashlane lets you make the choice of local machine or cloud-based password storage – but it is not free, whilst Keepass (which is open source and free) works on a single machine, the passwords are stored on that machine – so that might be the option for you. If you only tend to use a laptop or desktop for browsing websites where you need to provide Login credentials, the free version of LastPass or KeePass is more than adequate.

Note: I do not recommend for the reasons explained in the article, that you use the Password Managers contained in your browser.

How do you use your Password Manager?

This is really beyond the scope of this article but elements of usage are covered in the two articles that have been referenced above. You should refer to the documentation for your chosen Password Manager.

What’s all the fuss about Two-factor Authentication then? Do I really need it if I’m using a Password Manager?

Well yes you do! It’s bandit country out there on the Internet. You’ll know  that if you’ve been on Have I been pwned? and seen your email address has been captured by a leak, or a hack. So it’s always possible that someone has got at least part of your login credentials, and from that it might be possible for them to request a new password – blocking you from using a service – or they may have even requested a new userid!  So that’s where 2FA comes in.

What is it though?

Essentially once you’ve implemented 2FA you’ll be asked for secondary information about yourself (Face-ID, or Touch-ID if you’re using an iPhone) or confirmation that you are the person you’re purporting to be – by asking you to supply a code that is displayed on a smartphone or other device you own, and which is to hand. Thus having your UserID and Password is not sufficient alone to access your account.

If you’ve used Online Banking recently you’ll have noticed they’ve implemented 2FA widely. In fact I believe they’ve been required to by the Banking Regulator. Thus accessing your bank from your device is intrinsically safer now than it used to be.

I’m not going to say much more about 2FA , I’m going to refer you again to a Guide rather than repeat the information myself – and quite possibly make a mistake in doing that. There are a number of sources of reference out there, from Google, Apple, Microsoft but the one that I’m pointing you at is this one which I think explains things well, and also points at how to implement it for a number of popular and well-used platforms and services.

Making life easier with an Authenticator for 2FA

Wouldn’t it be nice – instead of waiting for the site you are trying to access to send you a code to type into the box they’ve provided – if you could just look at your phone and see a code on it that you could then provide and type in?

That’s what an Authenticator does. Perhaps the best known is Google Authenticator – and that’s the one I use on my iPhone, but there are others. You might consider using LastPass Authenticator for instance, I’ve meant to try it out for quite a while, and there’s also Authy, which has significant advantages over Google Authenticator – but it’s perhaps best to get experience using the Google software first.

And that’s it! Thanks for getting to the bottom of this long article. I promise you, if you follow the advice and guidance included in it, and in the referenced articles, your online life will be much safer, more secure and your stress levels will be reduced!

What gender is a computer?

I’d like to thank a U3A member for sharing this with me and suggesting others might like to see it – not only as a light-hearted but also as a challengingly true piece of computer-related education (?)

It could be it’s an old video, and you’ve seen it before, but at least it’s not a Covid-19 meme!

 

Microsoft re-enters the browser war!

After Netscape Navigator was eclipsed by Microsoft’s  Internet Explorer as the browser of choice for many – mainly because it was hard-wired into Windows initially – the world of internet browsers has seen first the rise of Firefox from the Mozilla Foundation as an alternative open source option and then the succession to Google’s Chrome and it’s huge market presence.
I’ve written about Google’s dominance and the alternatives to Chrome before in “Just Google it …
Now Microsoft has stirred from its inactivity in the browser market place. It has ditched its proprietary Edge browser and replaced it with … Microsoft Edge. No confusion there then!
It is interesting because it will run on MacOS as well as Windows, something the old Edge didn’t do, and will use the same open source code base – Chromium – as Google’s Chrome and of course Brave (my browser of choice). This allows them to use Extensions written for that code base. I already use many extensions written for Chrome in my Brave browser.
What will this mean for Google especially as Microsoft Edge will effectively have a built-in ad-blocker? Who knows. It’s certain that as more users decide to use the Microsoft version of Chromium, so Google’s business model and revenue stream will come under attack. Will they retaliate in some way? Probably not. Interesting times.
Here’s an article that describes keyboard shortcuts that you can use with Microsoft Edge.

Managing your eMail


This post was created for the Cardiff U3A Computer Group meeting on the 23rd January 2020, but is possibly of more general interest.

Starting Point – the givens; what we’re trying to achieve

  • Having a manageable amount of email will make your life easier and better.
  • Focus on lifestyle habits rather than hard-and-fast rules.
  • Work out what you don’t want from your email, and then create habits that prevent it from happening.
  • Work out how you will handle email daily and if you can – weekly, and monthly, and decide whether you need a method to archive or store emails, or the information contained in them.
  • The importance of context. Use the appropriate tool wherever possible.
    • You need an immediate answer – use the phone, and leave a voice message if there’s no reply, possibly with a text message – “please get back to me after you’re listened to your voice mail” – as backup.
    • You need a record of the answer to a question – use email; and seek confirmation by email if the answer comes back a different way.
    • You need to just keep in touch, or chat – use text (SMS) messaging or WhatsApp (or any other – I don’t want to recommend one – chat platform).

Tools you can use (all the “F’s”)

Forever email – whatever your email address is now, seriously consider getting an email address that will last forever and not be dependent upon your currently favoured Internet Service Provider (ISP). So … Google’s gmail.com mail would be a good choice, as (if you’re wedded to one technology, say Apple) would be the email provided by that supplier, eg icloud.com. Here’s an article that lists the best email accounts currently. Personally, I wouldn’t go beyond the first three, and I would be tempted to say only the first two! So that would give you a choice of Google, Microsoft plus (in my case) Apple.
Fake email address – you don’t have to have just one email address. Create a duplicate for using when a retailer asks for your email address.
For you alone – don’t share an email address with a partner; have separate ones; you can always setup an email programme to read both email accounts on one device (eg a tablet). Keep your personal email address for yourself, and for life!
Feature-rich email program (a rather contrived “f” this one) – use the mailer that your operating system provides for you. On Windows and Apple this would be called Mail. On your phone or tablet it might be called Gmail or Outlook. There are others as well.
Forward your email to one place – if you’ve set up a new email address, you can forward mail from your old address to your new one and then apply filters (see below).
Filters – these are very useful and relatively easy to set up (or create). They allow rules to be followed and your email to be handled the way you want it to be handled and not just hang around clogging up your Inbox.
Flags (or labels) – you can put a marker against individual messages in some email programs. Perhaps a colour code to indicate their urgency or priority.
Folders – these are invaluable and when combined with a service such as the three (Google, Microsoft or Apple) I’ve mentioned, can ensure that you have an archive of messages that should last as long as you realistically would ever want them.

Techniques to keep your eMail under control

Aim for Only 20 Items in Your In-box
[Warning … Do as I say, not as I do!!!]. Twenty e-mails means that you can see your whole in-box without scrolling. As soon as you deal with a message, file or delete it. Only messages from the past week that you’ve yet to respond to belong in your in-box.
Stick to a Schedule (difficult but invaluable)
[Warning … Discipline needed] Even though I check my mail several times a day just in case something pops up which really needs to be urgently handled, I try to not process them right away. I try to only do that once a day, either at the beginning of the day or in the evenings. So I need to adhere to respecting the difference between checking and processing. So …
Delete ruthlessly, when you’re checking
Don’t reply immediately unless …
Can you write back in two minutes or less? If so, do it immediately, and delete the incoming email from your Inbox. Your reply together with the original message should be in your Sent mail.
If an e-mail requires more time, perhaps flag it so it can be handled during a scheduled window later that day or the next morning.
Important … if an email looks as though it can’t be answered easily – pick up the phone!
Sounds obvious but … you don’t need to read every single mail that comes in. Pick and select what’s relevant to you.
I subscribe to several newsletters – but I don’t read all the mails that are sent to me. I don’t delete them either, because I know they may have valuable information contained in them. Instead, I sometimes set up filters to automatically archive them to different folders (labels on Gmail), or move them to the appropriate folder manually. I only read them when I want to get more information on the topic.
Remember you can Unsubscribe from an email list – it’s not difficult and can reduce the amount of email you get quite considerably!
Turn off notifications that appear on your desktop. You really don’t need that kind of message appearing which drags you to your Inbox!!
Close email when you need to concentrate on something else. Close your email application or sign out of webmail when you need to do work that requires real focus for at least 30 minutes. When an email program is open, it’s tempting to check periodically (or obsessively) for new mail. Closing the program entirely (not hiding it)  removes the temptation.
Try to remember to remove old email messages from your Trash Can, unless you’ve set it to Auto-Delete after a week, or a month, or whatever.
Email programs and setting up accounts. This is much easier now than it used to be and instructions are usually provided for your email provider on their website, eg Google’s Gmail.

More on Folders and Filters, and Flags (Apple)

Folders (or labels, if you use gmail) are there to help you organise your mails.
Firstly, use a relevant naming system to what you’re doing.
Secondly, use hierarchy structure. First level folders are for the big categories, and second level folders are for sub-categories, and so on.
These work best when you’re using an email program such as Mail or Outlook.
Filters are tools that help you sort out the mail automatically when it gets into your mail. There are 2 basic things are required for a filter – (1) The term to look out for (2) Action to apply if the term is matched.  You can set up filters for different email addresses, subject titles, body text … whatever! Depending on what filter it is, the mail will be automatically sorted into a respective folder / archived, or moved to the Trash can.
Flags are ways of colour coding a message to give you an indication of how you might want to handle the message.