TechByter Worldwide



12 July 2024 - Podcast #890 - (17:45)


Passkeys Are The Future

In the simplest terms possible, it’s important to switch to passkeys and away from passwords as soon as you can. The limiting factor today is that passkeys are not yet in widespread use, but they are far more secure than passwords.

Passkeys are better.
Despite length and complexity, passwords are inherently insecure.

The primary problem with passwords is that no matter how secure it is, a password is useless if a scammer obtains it. Even if the password you use for a bank is Zus7*XRsL3JQq32#w&, it’s still vulnerable. That password is so long and so complex that it’s likely civilization will end before somebody could guess it. But if somebody sets up a scam site that looks like your bank’s site and tricks you into going there, you’ll hand the password to the scammer. You’ll be safer if you have enabled two-factor authentication, which far too few banks have implemented, but passkeys are even safer.

They are still the exception, but passkeys are currently in use. The Passkeys.directory website offers some clues. These are some of the sites where you can use a passkey: Adobe, Amazon, Apple, Best Buy, Bitwarden, CVS, eBay, Home Depot, Lowe’s, Microsoft, PayPal, Sony, Target, and many more. But there are also a lot of sites that should be using passkeys that aren’t: Most banks, most streaming services, 1Password, and Facebook are a few examples.

Passkeys are more secure than passwords for several reasons. They are not stored on servers, but on your computer or smart phone. Passkeys are unique to each device, meaning that the passkey for Adobe on your desktop computer will be different from the passkey for Adobe on your smart phone. Passkeys are usually generated using cryptographic algorithms. They can easily be revoked or changed if compromised.

The passkey replaces a password with a cryptographic key pair. One key is public and is registered with the app or website you’re using. The other key is private and stored only on your computer or mobile device. The key pair handles the authentication process between your device and the app or website without any input from the user.

So I’ve enabled passkeys for every website I can. When sites offer the option, I almost always take time immediately to set it up. In the meantime, I’ve enabled two-factor authentication for those sites that offer it, but haven’t yet progressed to passkeys.

Passkeys aren’t vulnerable to phishing attacks. You can’t tell the scammer what your private key is because it never leaves your device and you probably won’t even know what it is. If an attacker breaches a website, they may get your public key. That’s OK because it’s useless without the associated private key, and it’s not possible to use the public key to reverse engineer the private key.

The private key is stored on your device and is not shared with an app or website when you connect. The public key is stored by the website and you could publish it on the front page of the New York Times without creating a security problem.

You may see one small problem here: If someone steals your mobile device and is able to log in, the crook can use your smart phone to access your accounts using passkey authentication. That makes it absolutely essential that you have a complex password for the phone or that you use a biometric ID, touch or face ID for example.

Even if someone manages to find and copy your private key, it won’t work on a device other than the one you created it on. Passkeys are linked to the device that generated them and to the app or website they were created for. A spoofed site won’t pass the verification check, so your login will fail on a spoofed site even if the scammer fools you into going there.
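
The sign-in exchange described above, as an added example that is not part of the original article: a simplified Node.js model of the challenge-and-signature check, not the full WebAuthn message format. The origins `https://bank.example` and `https://bank-example.test` and all function names are constructed for illustration.

```javascript
// Added example: simplified model of a passkey sign-in, not the full WebAuthn format.
const nodeCrypto = require('crypto');

// Registration: the device makes a key pair for one site and sends only the public key.
function createPasskey(siteOrigin) {
  const { publicKey, privateKey } = nodeCrypto.generateKeyPairSync('ec', { namedCurve: 'P-256' });
  return { device: { siteOrigin, privateKey }, serverRecord: { siteOrigin, publicKey } };
}

// Site: a fresh random challenge for every sign-in attempt.
const newChallenge = () => nodeCrypto.randomBytes(32).toString('hex');

// Device: the browser, not the page, reports the origin; the passkey is scoped to it.
function signIn(device, challenge, originSeenByBrowser) {
  if (originSeenByBrowser !== device.siteOrigin) return null; // no passkey for this site
  const clientData = JSON.stringify({ challenge, origin: originSeenByBrowser });
  const signature = nodeCrypto.sign('sha256', Buffer.from(clientData), device.privateKey);
  return { clientData, signature };
}

// Site: check challenge, origin, then the signature against the stored public key.
function verifySignIn(serverRecord, expectedChallenge, response) {
  if (!response) return false;
  const { challenge, origin } = JSON.parse(response.clientData);
  if (challenge !== expectedChallenge || origin !== serverRecord.siteOrigin) return false;
  return nodeCrypto.verify('sha256', Buffer.from(response.clientData),
    serverRecord.publicKey, response.signature);
}

function demo() {
  const SITE = 'https://bank.example';           // constructed origin
  const LOOKALIKE = 'https://bank-example.test'; // constructed lookalike origin
  const { device, serverRecord } = createPasskey(SITE);
  const c1 = newChallenge();
  const genuine = verifySignIn(serverRecord, c1, signIn(device, c1, SITE));

  // A lookalike page relays a real challenge, but the device has no passkey for it.
  const c2 = newChallenge();
  const phished = verifySignIn(serverRecord, c2, signIn(device, c2, LOOKALIKE));

  // A client that skipped the scoping check still signs the wrong origin.
  const unscoped = signIn({ ...device, siteOrigin: LOOKALIKE }, c2, LOOKALIKE);
  const wrongOrigin = verifySignIn(serverRecord, c2, unscoped);

  // A response to an old challenge is useless against a new one.
  const replayed = verifySignIn(serverRecord, newChallenge(), signIn(device, c1, SITE));
  return { genuine, phished, wrongOrigin, replayed };
}
console.log(demo());
```

Only the genuine sign-in verifies; the site never holds anything a visitor could type into a lookalike page.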

Most sites allow users to establish multiple sign-in methods, so even sites that support passkeys usually still support standard passwords. Just be sure that you set up two-factor authentication if you can on any site where you still have a password enabled.

Short Circuits

Add-Ons Expand Thunderbird’s Capabilities

Not everyone loves Outlook. Possibly one could go a bit further and say that some people loathe Outlook. Microsoft’s email client is ubiquitous in business settings and it’s what I used when I worked for a large company. But I never did like it.

Outlook is on my computer these days because I subscribe to Microsoft 365, but it’s not an application I use. There are a few competing applications such as Spark ($60 to $100 per year), Canary Mail (free to $50 per year), and Shortwave (free to $290 per year). But Thunderbird (free, open-source, donations requested) is an often overlooked choice that shouldn’t be ignored. Versatile on its own, extensions make Thunderbird even better.


Thunderbird doesn’t have the most beautiful user interface, but it’s among the most customizable email clients around. The Bat ($50 to $60) from Moldova’s RIT Labs probably has more options, but is difficult to set up. Thunderbird’s interface uses tabs to combine your email, calendar, and contacts in a single interface. But it’s the add-ons that allow users to modify it by adding functionality to provide features that are missing from the core application.

Mozilla’s latest update for Thunderbird, to version 115, has a lot of welcome new features. It can be linked to a Google calendar and display a summary of events in the right column if you want it to. The search function at the top of the window is a welcome feature, especially for those of us with multiple email accounts. Thunderbird monitors my personal account, a TechByter account, a special account that I use for banks, an external account for a client, my Gmail and Outlook.com accounts, and my internet service provider’s account. Some of these are set up as POP3 accounts and others use IMAP.

Search in most email applications examines one account at a time, but Thunderbird searches all accounts simultaneously, which is useful if you can remember the sender or bits of information from a message but not which account received it. The search bar also works in the Address Book, but the Calendar uses a slightly different approach.

I have tabs set up for Email, the Address Book, and Calendar, but there are also tabs for Tasks, Chat, and Settings. Any of these tabs can be opened on demand or pinned to the interface. Chat is somewhat limited, working only with IRC, Matrix, Odnoklassniki, and XMPP. In other words, you can’t use it as a replacement for Facebook Messenger. Odnoklassniki is a Russian social network.

Thunderbird has a lot of settings: About 50 in the General section, around 20 in the Composition tab, more than 20 in Privacy & Security, several in the Chat tab, about 40 in the Calendar section, and nearly 70 settings for each email account. New users will find that some of the defaults selected by the developers aren’t to their liking. That’s to be expected with any application. Where Microsoft makes some modifications easy, many difficult, and some impossible, Thunderbird gives the user access to nearly everything. If there’s something you don’t like, there’s probably a way to change it.

Create a free account at Mozilla Connect where you can submit ideas for consideration, discuss various Mozilla products, and find ways to change settings that you’ve been unable to figure out on your own.

And for everything else, there are add-ons. More than 2000 add-ons are provided on Mozilla’s website. Many are free and others have modest fees. You’ll also find dozens of themes that change the overall appearance.

Six Add-Ons I Use

Bitdefender installs a toolbar that monitors messages for potential threats and spam. The settings can be modified in the Bitdefender control panel and can only be enabled or disabled in the Thunderbird Add-Ons Manager.

Although Thunderbird has built-in message filtering options, FiltaQuilla adds some additional useful options, particularly for actions to take if a message fulfills the filter’s conditions, but there are also some additions to the actual filter functionality, such as the ability to add Regex matching to both the subject line and the body text of the message.

MailMerge adds the ability to create a mailing list and then to create a series of personalized messages. It also adds the ability to include personalized attachments with each message or one attachment that is included with all messages. One use case might involve sending statements to clients, where each client receives the statement for their specific account.

SendLater is crucial for anyone who frequently realizes that a promised attachment isn’t attached or that an important point was omitted only after sending the message. The extension delays all messages for a set period. I set the delay to two minutes, but if needed the delay can be skipped. There are also options to schedule messages to be sent at any specific future date and time.

Textmarker remedies one shortcoming Thunderbird has: The inability to highlight words with a background color. Thunderbird allows users to change the foreground color of the text easily, but changing the background color for a word changes it for the entire message. Textmarker lets the user choose up to 10 favorite colors that can be used to highlight text selections.

Unlike most modern email programs, Thunderbird doesn’t enable typographic quotes by default. Unicodify takes care of that and makes “smart quotes” the default. An autocorrect feature that’s currently in beta makes other changes such as replacing two dashes (--) with an en dash (–) and some decimals with fractions (0.25 with ¼).

The more than 2000 add-ons perform the magic of making Thunderbird, which is already capable of great things, able to do even more.

What If You Don’t Want Microsoft’s “Recommendations”?

Being a company that always attempts to serve the best interests of its customers, Microsoft noticed that many users crave more advertisements. After extensive research, the company concluded that Windows users would be well served by advertisements in the Start Menu. Instead of calling them “advertisements”, though, Microsoft terms them “recommendations”.

Besides the “recommendations”, Microsoft also seasons the operating system with other ads, but perhaps you’re in the tiny minority of Microsoft customers who feel that these advertisements are intrusions and would prefer not to have them. Because Microsoft wants to please everyone, it undoubtedly makes it easy for that small contingent of users to turn off the advertisements, doesn’t it? Well, of course it doesn’t.

You’ll also find “recommendations” in the File Explorer, Lock Screen, Tips, Bing search results, the Edge Search Bar, and more. If you look hard enough and modify a variety of settings, you’ll be able to disable a lot of them, but maybe you’d like to make all the ads go away without all that fuss.

One option would involve using another application such as Stardock’s Start 11, which is what I use. I selected Start 11 not because it eliminates ads, but because I like the way it works. As a side benefit, Start 11 also eliminates the ads.

If you otherwise like what Microsoft has done with the Start Menu and you don’t want to pay for an application such as Start 11, take a look at GitHub, where you’ll find two free, open-source applications that cut the clutter.

Oh Frick Go Back (OFGB) is one way to politely decline Microsoft’s kind offer of more “recommendations”. Download the current version from GitHub and install it. If you want to see the source code, it’s available, too. It’s not an all-or-nothing decision. If you want to remove the Start Menu “recommendations” but keep personalized ads, you can.

Winpilot is the other option. Both apps perform essentially the same tasks by making changes in the Registry. After running either app, you’ll be prompted to restart the computer so that the changes are activated.

If you later decide that you’re experiencing a severe shortage of “recommendations”, just run the app again and restore those that you want to see.

Oh, and just for the record: If it looks like an ad, acts like an ad, and is paid for like an ad, a “recommendation” is just an ad with a fancy name.