Password Tip of the Day: If you take the most common password in the world and put a '1' on the end of it, it doesn't suddenly become a good password.
That said, apparently MySpace users are doing better in the password protection arena than corporate computer users. From Bruce Schneier:
While 65 percent of passwords [from MySpace group] contain eight characters or less, 17 percent are made up of six characters or less. The average password is eight characters long.
...
Character Mix: While 81 percent of passwords are alphanumeric, 28 percent are just lowercase letters plus a single final digit -- and two-thirds of those have the single digit 1. Only 3.8 percent of passwords are a single dictionary word, and another 12 percent are a single dictionary word plus a final digit -- once again, two-thirds of the time that digit is 1.
...
Another password study (.pdf) in November looked at 200 corporate employee passwords: 20 percent letters only, 78 percent alphanumeric, 2.1 percent with non-alphanumeric characters, and a 7.8-character average length. Better than 15 years ago, but not as good as MySpace users. Kids really are the future.
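To make the categories in that survey concrete, here is an added example (my own code, not from the study or from Schneier) that applies the same classification to a list of passwords. The password list and the tiny dictionary are constructed for illustration; the real study used a far larger wordlist, and the percentages below describe only this sample.

```python
import re
from collections import Counter

# Constructed sample standing in for a leaked password list (illustrative only).
SAMPLE_PASSWORDS = [
    "password1", "summer", "ilovey0u", "monkey1", "dragon", "letmein1",
    "abc123", "Tr0ub4dor", "sunshine", "football1", "qwerty", "baseball2",
    "princess1", "iloveyou", "123456", "M@ryJane99", "shadow", "purple1",
    "hello", "charlie1",
]

# Tiny stand-in for the dictionary a cracker would use (constructed).
DICTIONARY = {
    "password", "summer", "monkey", "dragon", "letmein", "sunshine",
    "football", "baseball", "princess", "iloveyou", "shadow", "purple",
    "hello", "charlie", "qwerty",
}


def classify(pw):
    """Return the survey categories that one password falls into."""
    labels = set()
    if len(pw) <= 8:
        labels.add("len<=8")
    if len(pw) <= 6:
        labels.add("len<=6")
    if pw.isalnum():
        labels.add("alphanumeric")
    # lowercase letters followed by exactly one digit, e.g. "monkey1"
    m = re.fullmatch(r"([a-z]+)(\d)", pw)
    if m:
        labels.add("lower+digit")
        if m.group(2) == "1":
            labels.add("lower+digit=1")
    # a single dictionary word, any capitalisation
    if pw.lower() in DICTIONARY:
        labels.add("dict-word")
    # a single dictionary word plus one final digit
    m = re.fullmatch(r"([A-Za-z]+)(\d)", pw)
    if m and m.group(1).lower() in DICTIONARY:
        labels.add("dict-word+digit")
        if m.group(2) == "1":
            labels.add("dict-word+digit=1")
    return labels


def survey(passwords):
    """Percentage of the list in each category, plus average length."""
    counts = Counter()
    total_len = 0
    for pw in passwords:
        counts.update(classify(pw))
        total_len += len(pw)
    n = len(passwords)
    pct = {k: round(100.0 * v / n, 1) for k, v in counts.items()}
    pct["avg_len"] = round(total_len / n, 2)
    if counts["lower+digit"]:
        # the "two-thirds of those end in 1" figure from the survey
        pct["share_of_lower+digit_ending_in_1"] = round(
            100.0 * counts["lower+digit=1"] / counts["lower+digit"], 1)
    return pct


if __name__ == "__main__":
    for k, v in sorted(survey(SAMPLE_PASSWORDS).items()):
        print(f"{k:40s} {v}")
```

Swap in a real wordlist and a real leak and the same code reproduces the study's numbers; on this made-up sample the "word plus 1" habit is just as visible.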
Ars Technica reports that there's been a significant surge in spam in the last few months (and it's not like we weren't getting any spam before):
The volume of spam being sent has seen a significant increase recently, and the jump is being attributed to the increasing use of botnets by spammers. Symantec reports that in a recent survey of small businesses, 64 percent reported an increase in the volume of spam received over the last six months with a third saying that the increase was "significant." Jay Best, help desk manager of ihug in New Zealand, said that the ISP had seen a spam increase of 40 percent over the last month alone, and that a spam explosion over the weekend has caused some 37,000 customers to experience e-mail delays of up to 24 hours.
If you want to see a graph, check here
So what happens when someone dies suddenly and all the family digital photos, financial records, and address books are password-protected? And what about MySpace, Live Journal and iTunes?
The situation poses a dilemma for e-mail providers that are pilloried by privacy rights advocates at the mere suggestion of sensitive data being exposed, at the same time they are expected to hand over the digital keys to family members when a customer dies. Last year, Yahoo was forced to provide access to the e-mail of a U.S. Marine killed in Iraq to his father, who got a court order in the matter.
"The commitment we've made to every person who signs up for a Yahoo Mail account is to treat their e-mail as a private communication and to treat the content of their messages as confidential," said Yahoo spokeswoman Karen Mahon.
Beyond acknowledging that Yahoo complies with court orders, Mahon declined to discuss Yahoo's requirements for providing family members access to the e-mail accounts of their deceased loved ones.
Google will provide access to a deceased Gmail user's account if the person seeking it provides a copy of the death certificate and a copy of a document giving the person power of attorney over the e-mail account, said a Google spokeswoman.
The hacking of the Social Democrats internal network in Sweden is being linked to lousy passwords (as in passwords anyone and their five-year-old could guess).
According to this Slashdot report (the original article is in Swedish), the hacked account was 'sigge' with a password of (oh, just guess) 'sigge.'
So: use strong passwords (passphrases are better) that mix upper case, lower case, numbers and symbols, pick something you can actually remember, and avoid writing it down.
The Northwest Florida Daily News asks--What does your inbox say about you:
"If you keep your inbox full rather than empty, it may mean you keep your life cluttered in other ways," says psychologist Dave Greenfield, who founded the Center for Internet Behavior in West Hartford, Conn. "Do you cling to the past? Do you have a lot of unfinished business in your life?"
On the other hand, if you obsessively clean your inbox every 10 minutes, you may be so quick to move on that you miss opportunities and ignore nuances. Or your compulsion for order may be sapping your energy from other endeavors, such as your family.
Email addiction, of course, is now a cultural given. But a less-noticed byproduct of that is the impulse of the inbox. Some of us are obsessed with moving every email to an appropriate folder while killing junk "spam" on arrival and making sure Mom knows that we got her email and still love her. Meanwhile, others among us are e-procrastinators, modern-day Scarlett O'Haras who figure we'll deal with old email tomorrow. We're discovering that the disorder in our inboxes mirrors the disorder in our homes, marriages and checkbooks.
Me, I'm a hoarder, at least in that I keep a lot of mail in my inbox. I prefer searching to categorizing. I don't think I'd call it hoarding vs deleting, though. I think of it as different ways of storing things. If I stuck my emails in different folders they'd be just as lost to me as they are to a 'deleter' who's overwhelmed by having 10,000 messages in their inbox.
People make up passwords they can't remember, then they end up using 'password' as their password. As discussed in this brief article, you need to think about passwords that are both secure and memorable:
Vu, who is an assistant professor in the Psychology Department at California State University, Long Beach, goes on to say that the average password is easy to crack, but access to biographical data makes guessing that much easier with favorites being birthdays and children’s names. "My colleagues and I use an easily obtained cracking device called LC4 to crack passwords," she said. "It sources a dictionary to try words and combinations of words. It often cracks a password without knowing anything about the user. My research says that 60 percent of passwords can be cracked within a few hours, and some in less time than that."
Proactive password protection demands a requirement of upper or lowercase letters, numbers, special characters, and the like. Users generate a private password from these elements. The idea is that using these mechanisms makes cracking a password that much harder but her research has found a big trade-off between memorability and security. "The easier to remember a password is, the easier it is to crack," she said. "The ones that are harder to crack are the ones that are hard to recall and there’s the problem."
When you think about all the important things (your money, your personal information, your financial and legal records, etc) that you access online via passwords, you begin to understand why it's really, really important to have secure passwords (most people reading here probably already understand, but hey, you can use this article to harangue your colleagues and loved ones). Passphrases are more difficult to crack than passwords. Taking things you can remember and twisting them in ways that make them harder to crack (include symbols and numbers, for example) while keeping them memorable is one way to end up with passwords that are both secure and usable.
From a recent Gartner report:
IT experts are more likely to suffer from stress than any other professional, according to the survey.
A staggering 97 percent of people working in IT claim to find their life at work stressful on a daily basis.
Four out of five IT consultants feel stressed before they even enter the workplace, in anticipation of another day juggling complaints, pressure from managers and daily targets.
And a quarter of IT experts are under such enormous pressure to perform at work they have taken time off suffering with stress.
...via Digg
From PCWorld.com:
Vinny Aceto, a Boston information technology specialist, is a 12-year veteran at helping fix people's PCs over the telephone and in person. Aceto says he has preferred telephone tech support over on-site service calls ever since he was attacked by a rabid PC owner.
"I was trying to explain to this sales manager [that] his hard drive was dead and I couldn't recover his presentation," Aceto says. The customer turned beet red, picked up his PC, and hurled it out his office window, Aceto says. The PC fell three stories and smashed to pieces in the parking lot. Next, the man jumped over his desk and tried to assault Aceto. Luckily people rushed into the office and stopped the attack.
How long it takes to crack a password by exhaustive search depends on its length and on how many possible characters it draws from (lower case only, upper and lower case, letters plus numbers, etc.): the attacker has to try up to (characters) to the power of (length) combinations.
For example:
Password: darren (created from 26 possible characters, lower case only)
Possible combinations: 308.9 Million
Time to crack at 10,000 passwords/sec: 8½ Hours
Time to crack at 1,000,000 passwords/sec: Instant (about 5 minutes)
Password: Land3rz (created from 62 possible characters)
Possible combinations: 3.5 Trillion
Time to crack at 10,000 passwords/sec: 11 Years
Time to crack at 1,000,000 passwords/sec: 58,693 Mins (about 41 Days)
Password: B33r&Mug (created from 96 possible characters)
Possible combinations: 7.2 Quadrillion
Time to crack at 10,000 passwords/sec: 22,875 Years
Time to crack at 1,000,000 passwords/sec: 83,494 Days (about 229 Years)
These are worst-case figures for brute force. 'darren' is also a dictionary word, so a wordlist attack finds it in seconds regardless of the arithmetic.
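Here is an added example (my own code, not from whoever produced the table above) that reproduces those figures and extends them in two directions the table does not cover: a dictionary-plus-digit attacker, which is what actually breaks 'darren' and 'monkey1', and a randomly chosen multi-word passphrase, which is the "passphrases are harder to crack" point made earlier. The assumptions are mine: the table's 96-character set is taken to be the 62 alphanumerics plus 34 symbols, the wordlist size of 300,000 is a typical cracking list, and 7776 is the size of the standard Diceware word list.

```python
import string

# Character classes used to size the alphabet the way the table does.
# Assumption: "96 possible characters" = 26 + 26 + 10 + 34 symbols.
CLASSES = [
    (set(string.ascii_lowercase), 26),
    (set(string.ascii_uppercase), 26),
    (set(string.digits), 10),
    (set(string.punctuation) | {" "}, 34),
]

SECONDS_PER_YEAR = 365 * 86400


def alphabet_size(pw):
    """Smallest alphabet, in the table's terms, that covers every character."""
    size = sum(n for chars, n in CLASSES if any(c in chars for c in pw))
    if size == 0:
        raise ValueError("non-ASCII password; extend CLASSES")
    return size


def keyspace(pw):
    """Combinations an exhaustive attacker must try in the worst case."""
    return alphabet_size(pw) ** len(pw)


def seconds_to_crack(pw, guesses_per_second):
    return keyspace(pw) / guesses_per_second


def human(seconds):
    for unit, span in (("years", SECONDS_PER_YEAR), ("days", 86400),
                       ("hours", 3600), ("minutes", 60)):
        if seconds >= span:
            return f"{seconds / span:,.1f} {unit}"
    return f"{seconds:,.1f} seconds"


# Attacker models beyond brute force (sizes are assumptions, not from the page).
WORDLIST_SIZE = 300_000   # entries in a typical cracking wordlist
DICEWARE_WORDS = 7776     # words in the standard Diceware list


def dictionary_plus_digit_keyspace():
    """Every word in the list, bare or with one trailing digit (0-9)."""
    return WORDLIST_SIZE * 11


def passphrase_keyspace(n_words):
    """n words picked uniformly at random from the Diceware list."""
    return DICEWARE_WORDS ** n_words


if __name__ == "__main__":
    for pw in ("darren", "Land3rz", "B33r&Mug"):
        print(f"{pw:10s} {alphabet_size(pw):3d} chars  {keyspace(pw):,} combos  "
              f"{human(seconds_to_crack(pw, 10_000))} @10k/s  "
              f"{human(seconds_to_crack(pw, 1_000_000))} @1M/s")
    print("dictionary+digit:", human(dictionary_plus_digit_keyspace() / 10_000))
    print("4-word passphrase @1M/s:", human(passphrase_keyspace(4) / 1_000_000))
```

Two things worth noticing in the output: a word-plus-digit attacker covers its whole space in under six minutes at 10,000 guesses a second, which is why 'darren' and 'monkey1' are gone long before the 8½ hours arrive; and four random Diceware words give a space in the same range as 'B33r&Mug' while being far easier to remember. That comparison only holds if the words are chosen at random, not picked from a song lyric.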
Market Share shows Firefox at 10% of the browser market and Internet Explorer at 85%
...or a Technological Manifesto
I don't agree with it all, but it's an interesting look at things IT needs to think about:
....
--via Digg
There's a war going on at Boston's Logan Airport:
Logan International Airport officials' ongoing quest to ban airline lounges from offering passengers free WiFi Internet services is angering a growing array of powerful Capitol Hill lobbying groups, who say Logan could set a dangerous nationwide precedent for squelching wireless services.
Already under fire from the biggest airline lobby, the Air Transport Association, and the manufacturer-backed Consumer Electronics Association, Logan officials are also coming under new criticism from the top US wireless lobby, CTIA-The Wireless Association. All three groups are siding with Continental Airlines Inc., which has asked the Federal Communications Commission to overturn a Logan order last year shutting off Continental's WiFi service in its Presidents Club lounge in Logan's Terminal C.
Soon after activating its own $8-a-day WiFi service in the summer of 2004, the Massachusetts Port Authority, which runs Logan, ordered Continental and American Airlines to shut down WiFi services in their Logan lounges. Massport also ordered Delta Air Lines Inc. not to turn on a planned WiFi service in its new $500 million Terminal A that opened last March.
The question is a big one: can a landlord tell tenants what communications they are allowed to implement?
...via Smart Mobs
Jakob Nielsen talks about enterprise usability:
Usability goes beyond the level of individual users interacting with screens. It's also a question of how easy or cumbersome it is for the entire organization to use a system.
Such are the difficulties caused by the over-abundance of passwords and codes to those with poor memories that a psychologist in Australia has found it is leading to mental health problems.
Michael Saling, head of neuropsychology at Melbourne University, calls it "busy-line syndrome" and has reported that a growing number of those who can't keep up are seeking medical help.
He said: "It's a condition people develop when they have too much on their plate. They begin to forget details about their life.
"Passwords and PINs are prime candidates for being forgotten, when they are just arbitrary numbers and people can't relate them to anything."
From oreilly.com -- The Art of Project Management:
In The Art of Project Management, you'll learn from a veteran manager of software and web development how to plan, manage and lead projects. This personal account of hard lessons learned over a decade of work in the industry distills complex concepts and challenges into practical nuggets of useful advice. Inspiring, funny, honest, and compelling, this is the book you and your team need to have within arm's reach. It will serve you well with your current work, and on future projects to come.
...via 43 Folders
Topics include:
- How to make things happen
- Making good decisions
- Specifications and requirements
- Ideas and what to do with them
- How not to annoy people
- Leadership and trust
- The truth about making dates
- What to do when things go wrong
All sorts of resources and information on running your Windows machine as a non-administrator.
From Aaron Margosis:
The #1 reason for running as Non-Admin is to limit your exposure.
When you are an Administrator, every program you run has unlimited access to your computer. If malicious or other “undesirable” code finds its way to one of those programs, it also gains unlimited access. A corporate firewall is only partial protection against the hostility of the Internet: you still browse web sites, receive email, or run one or more instant messaging clients or internet-connected games.
Even if you keep up to date on patches and virus signatures, enable strong security settings, and are extremely careful with attachments, things happen. Let’s say you’re using your favorite search engine and click on a link that looks promising, but which turns out to be a malicious site hosting a zero-day exploit of a vulnerability in the browser you happen to be using, resulting in execution of arbitrary code.
From HBS Working Knowledge, another article on E-mail Overload:
Before e-mail, senders shouldered the burden of mail. Writing, stamping, and mailing a letter was a lot of work. Plus, each new addressee meant more postage, so we thought hard about whom to send things to. (Is it worth spending thirty-two cents for Loren to read this letter? Nah….)
E-mail bludgeoned that system in no time. With free sending to an infinite number of people now a reality, every little thought and impulse becomes instant communication. Our most pathetic meanderings become deep thoughts that we happily blast to six dozen colleagues who surely can't wait. On the receiving end, we collect these gems of wisdom from the dozens around us. The result: Inbox overload.
Among the tips:
43 Folders gives some more tips for wading through all that email:
John Porcaro talks about wading through all that email :
Use subject-line protocols to speed communication: a.) No reply needed – NRN; b.) Thank you - TY; c.) Need response by date and time – NRB 10/30 3:00 pm; d.) Use subject line for whole message: Meet 10:00 10/30 Okay?
Determine who needs to be copied on what, what needs to be read, and what needs to be filed.
Keep e-mails short. Most should be no more than 1-10 sentences. Communicate your main point in the first sentence or two. Don't make readers work because you don't have time to focus.
...via Cutting Through
Interesting article from WritersUA on Design Checklists for Online Help, where 'online help' is defined as "'brief task-oriented modules of information' that support the user in accomplishing their tasks."
Among other things:
One of the things we spend a lot of time cleaning off computers is spyware. It's as big a problem as viruses and maybe bigger--especially for people who never met a banner ad they didn't like.
Via The Shifted Librarian, here's a link to a presentation by Aaron (whose last name I don't know because I can't find a place on his site where he tells me) on What You don't know Will Hurt You: Spyware and Computers in Public Libraries (oh, wait, now I see that his last name is Schmidt because he does tell me that in his PowerPoint presentation). The presentation is geared toward libraries but contains important stuff that's good for all.
Along with all the good advice that Aaron provides in his presentation, my best advice is Pay Attention and Read Before You Click.
Darin and I recently did a talk on Computer Self-Defense and one of the points we talked a lot about was strong passwords. You should, of course, have passwords that are complex and include upper and lower case characters, symbols, numbers and are not real words (for instance, Bob, Bob01, and Bobbette are Not Good Passwords). And, really, really importantly--you should NOT TELL YOUR PASSWORDS to other people.
BoingBoing cites a survey where people gave their passwords to strangers on the street for a chocolate bar:
One interviewee said, 'I work in a financial call center, our password changes daily, but I do not have a problem remembering it as it is written on the board so that every one can see it.... I think they rub it off before the cleaners arrive."
And, of course, then there's my classic favorite where people gave their password to strangers because they were carrying clipboards.....
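The rules from our talk (mixed character classes, not a real word, and certainly not a name with a couple of digits stuck on) can be turned into a check that says why a candidate fails. This is an added example in my own code, not something from the talk; the blocklist is a constructed handful of names and words standing in for a real one, and the 12-character minimum is my assumption, not a figure from the talk.

```python
import re

# Constructed stand-in for a real blocklist of names and common words.
BLOCKLIST = {"bob", "alice", "password", "welcome", "summer", "letmein"}

# Assumed minimum length; adjust to local policy.
MIN_LEN = 12


def password_problems(pw, min_len=MIN_LEN):
    """Return the reasons a candidate fails, or an empty list if it passes."""
    problems = []
    if len(pw) < min_len:
        problems.append(f"shorter than {min_len} characters")

    classes = [r"[a-z]", r"[A-Z]", r"\d", r"[^A-Za-z0-9]"]
    present = sum(1 for c in classes if re.search(c, pw))
    if present < 3:
        problems.append("needs at least three of lower, upper, digit, symbol")

    # Strip trailing digits so "Bob01" is judged as "bob".
    core = re.sub(r"\d+$", "", pw).lower()
    if core in BLOCKLIST:
        problems.append("is a blocked word (optionally with trailing digits)")
    else:
        # "Bobbette" still contains "bob"; short entries are skipped to avoid
        # rejecting every password containing, say, "al".
        for w in sorted(BLOCKLIST):
            if len(w) >= 3 and w in pw.lower():
                problems.append(f"contains blocked word '{w}'")
                break
    return problems


if __name__ == "__main__":
    for candidate in ("Bob", "Bob01", "Bobbette", "Tr0ub4dor&3-sunny"):
        print(candidate, "->", password_problems(candidate) or "ok")
```

The three examples from the talk all fail for more than one reason each, and the substring check is what catches 'Bobbette', which a plain dictionary lookup would pass.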
Maccaws provides "The way forward with Web Standards" (maccaws.org), making the case for Web standards on commercial sites:
Even though Web standards are being embraced by many Web authors, some businesses are reluctant to invest in standards-based Web sites without concrete reasons to do so. To help Web authors interested in advocating Web standards, this article assembles arguments and information about Web standards into one document and explains Web standards in terms of how they affect business. After outlining what Web standards are and how they are used, the article clearly demonstrates that adopting Web standards can improve many aspects of a Web site, such as: the amount of bandwidth used, load times, providing a foundation for accessibility, device independence and quality assurance processes. The article refutes several negative myths about Web standards and describes strategies for embracing standards. This article will lay the foundation for further research by MACCAWS into the nature of the business benefits of Web standards.
Stewart Butterfield comes up at the top of Google's list for sylloge: Instant Message Question Answerer. He has a blog with some of the IM conversations he's had as a result.
Here's an excerpt from the very first one:
SweetRoxy215: hello
sylloge: yes
sylloge: it's true
SweetRoxy215: whats true
sylloge: "hello"
sylloge: I can see that you're typing
sylloge: I can hardly wait to see what's next!
SweetRoxy215: are you the question answerer that i can ank anything and get a true answer from
sylloge: yes, that's me
sylloge: I normally go by "Oracle" or "Great Seer"
sylloge: so, shoot: what's up?
SweetRoxy215: Is New Zealand a part of Australia?
sylloge: nope
sylloge: They are separate countries
sylloge: next?
SweetRoxy215: does the continent Australia have any countries in it at all, or just cities?
sylloge: it has one country on it: Australia
...
SweetRoxy215: thank you
SweetRoxy215: do a lot of people bother you with questions?
sylloge: Nope. You are the first one.
SweetRoxy215: o...really...are you some type of genius
sylloge: Well, I'm pretty smart. But it is just a coincidence that my IM name came up first in that search. Just the way that Google works, I guess.
sylloge: I don't normally answer questions like this.
SweetRoxy215: o okay
Edward Felten at Freedom to Tinker reports on Utah's Anti-Spyware Bill:
The Utah state legislature has passed an anti-spyware bill, which now awaits the governor's signature or veto. The bill is opposed by a large coalition of infotech companies, including Amazon, AOL, AT&T, eBay, Microsoft, Verizon, and Yahoo. The bill bans the installation of spyware on a user's computer. The core of the bill is its definition of "spyware", which includes both ordinary spyware (which captures information about the user and/or his browsing habits, and sends that information back to the spyware distributor) and adware (which displays uninvited popup ads on a user's computer, based on what the user is doing).
He provides a good quick summary of the bill. Spyware affects network connections and computer function. It plays on people's trust and makes it more difficult for technical support staff to do their jobs (once burned/twice shy--people don't want to install anything, even things that can help them).
Life on the support line:
Loni is a great guy. Like me, he keeps track of Ken's more outrageous meltdowns and we compare notes over lunch. We have a good time. I like him. But Loni is a punter. I don't condone it, but I understand. Since hitting the floor we've all learned the sad truth. Actually solving problems is by far the slowest way to handle a call. We've each got 12 minutes from the moment we say hello to find a way to say goodbye, and after two weeks of trying to fix computers he knew nothing about and racking up average call times north of half an hour, Loni decided that if he was going to survive, he was going to have to change his approach. So he became a punter....
Karen is part of a growing group called givers. Like punters, they don't really solve any problems, but instead of just asking you to call someone else, givers want you to have a parting gift. They'll listen to your problem and then randomly choose a piece of hardware to send you. Of course it won't solve anything, but givers have discovered that people usually calm down and start agreeing as soon as they think you're sending them something to fix the problem. And by the time they get the new part and discover it has no effect, they'll call back and someone else will have to figure out how to deal with them. Givers are really just punters with style, and they find their tactic very satisfying. Karen and her ilk get to spend all day playing Santa....
Ted is someone I don't speak to. Ted is a formatter. Ted, and those like him, have only one solution to their customers' problems. Erase everything on the computer's hard drive and start over from scratch. While this can be effective for solving all sorts of software troubles, it's like amputating someone's leg to fix an ingrown toenail. The solution is usually worse than the problem. Most times Ted doesn't actually follow through with his plan. The entire strategy is just a bluff. Most people will balk at the proposition of losing everything and decide they can live with whatever problem they've called to complain about. At the very least they'll decide to hang up, back up their data, and call back -- at which point they'll become someone else's problem.
Here's a good piece on why plain text is better than formatted in email messages and it lists a ton of email packages and how to set them up for sending plain text messages:
Plain text is how your messages should be formatted when sending E-mail to mailing lists and Usenet newsgroups or to any other recipient. Though this rule is not yet cast in "Netiquette" stone, it is a good policy to follow if you want quick and informative responses to your questions and wish to avoid being "flamed" as a clueless newbie. HTML is meant for the WWW; not for mailing lists, Usenet newsgroups postings, proper business E-mail correspondence and preferably not for personal E-mail unless the recipient is expecting it.
Reasons plain text is better, include:
I figure getting people to send their messages in plain text is a losing battle, but it makes your message simpler, safer and more readable so it's still something to think about at least.
This fits right in with stuff we've been talking about at work for the last week or so:
...Cory Doctorow's notes from Life Hacks: Tech Secrets of Overprolific Alpha Geeks from ETCON...
JWZ: Every program expands until it can read mail. Danny's Corollary: Every program that can read mail ends up getting used for everything else. Sysadmins get thousands of emails from automated processes, "My HDD is full, My HDD is full, etc."
Everyone, including Alpha Geeks, uses only one app:
People complain about how their work wants them to use organizers... Joel Spolsky uses Excel for everything.
HR person sends website designs in PPT.
Don Lancaster sees the world in Postscript.
...via (naturally) BoingBoing
Google Guide provides tutorials for making more effective use of the Google search engine to find what you're looking for on the Web.
According to KoreaHerald:
Samsung Electro-Mechanics said yesterday it has succeeded in developing a futuristic wearable mouse, "Scurry," where one can control keys and roam around computer screens by moving your fingers freely.
There's an interesting discussion (Dan's blog post and the ensuing comments) on Microsoft and security issues at Dan Gillmor's weblog.
Phil Windley also has an interesting article on enabling web services which talks about some of the basics of setting up web services. He also has a recent blog entry on the power of web enabled data sources.
Hotels' High-Speed Internet Often Has a Catch according to a recent article in the New York Times.
More travellers are considering high-speed availability when they travel. However, some hotels' systems are clumsy, difficult to connect through and lack support. Sometimes, says the article, free access is simpler, better and easier all around.
Brian Fitzgerald and Tony Kenny have published a paper (PDF format) that describes their experience with open source software:
This study describes the implementation of open source software in a large Irish public sector organization, Beaumont Hospital. The findings reveal a radical shift in open source deployment from invisible infrastructure systems to highly visible vertical applications. The case study describes the implementation of these systems, the difficulties encountered, and also the benefits in terms of astonishing cost savings of €13m over 5 years. These details are useful in that few studies have thus far quantified the savings from the deployment of open source software (OSS). Given that Beaumont were already receiving academic pricing discounts for many of their original proprietary closed source applications, the savings for a typical commercial organization could be even higher. Also, in many cases, the extra functionality available in the OSS systems deployed allowed for a richer feature set overall. The study also identifies the primary drivers in the move to OSS, namely principle, pragmatism and practicality. This is useful, since while several studies have considered the motivation of OSS developers, the motivation of actual users of OSS has received far less attention. The study also indicates how a typical company can contribute back to the OSS community in their own unique way, by distributing applications from their own domain of expertise, rather than having to make detailed code contributions to the original code base.
There are a number of other papers on open source available at the Free/Open Source Research Community.
Hard drive data recovery companies have started hiring counselors to help customers who've lost valuable data.
When the company receives a call from someone who's clearly lost it -- which can happen several times an hour -- Chessin comes on the line to help the caller rediscover their happy place. Then the engineer returns to discuss the technical problem in detail.
Syllabus discusses PDAs in the Classroom
Applications include recording experimental data, interactive feedback, and limited notetaking.
Usability guru Jakob Nielsen suggests that you design your site to engage and empower users. This doesn't mean content should be frivolous, but it should be active and engaging.
Uzilla.org is the not-for-profit arm of Uzilla. Uzilla.org offers web behavior data under an open data license.
Uzilla, the product, consists of an application server and a custom browsing client intended to help web sites evaluate usability.
Uzilla.org is currently conducting A Day in the Life study to look at how people access web pages now.
Users in the Development Cycle.
Users have to be willing before they will use whatever product you develop. Generally, they will use it if it helps them get their work done--not if it provides important company information, not if it increases accountability--because it helps them do their work. Users have to be involved in the development process or the whole thing can too easily become an expensive exercise in failure.
The design steps are: application necessity, intended audience, delivery, technology, timeline, development, delivery, support.
As the project proceeds it's important to know everyone's roles and to balance input from project management, development, and end users.
A new and interesting article at Boxes and Arrows by Nathan Shedroff, discusses Computer Human Values.
Computers have enabled cultures and individuals to express themselves in new and unexpected ways, and have enabled businesses to transform how, where, when and even what business they do. However, this rosy outlook has come at a price. Computers have become more frustrating to use. In fact, the more sophisticated the use, the application, the interface, and the experience, the more important it is for computers and other digital devices to integrate fluidly into our already-established lives without requiring us to respond to technological needs. Also, the wider-spread these devices, the more socially-agile they need to be in order to be accepted.
According to research by Clifford Nass and Byron Reeves, people treat computers like people (yes, the rest of us yell at our computer screens, too). While we don't expect 'intelligence,' we do expect actions to be consistent with human values.
Therefore,
According to a recent article in ZDnet News, most people's passwords can be cracked pretty easily. In addition, according to one recent survey, four out of five people would disclose their password to someone in the company who asks. Worse, two-thirds of the workers polled at a train station in London willingly gave their password to the pollster.
Complicated, frequently changed passwords bring their own problems, however. Users forget them, have to write them down some place, and have to call support for help getting into systems that have locked them out. Researchers are experimenting with graphical passwords, extended single sign-on, smart cards and biometrics to find a balance between high security and actually using the system.
According to an article at Lighthouse on the Web text-based chat isn't proving to be as attractive a customer support option as many hoped.
Even beyond all the hype (replace phone operators; serve more customers with less), an experiment at a home loan operation in Australia showed that very few web site visitors actually chose to use chat.
We never got into double-digit figures. The message was clear: invest our time and energy in our Web site, telephone help and face-to-face service, which we know people like.
If logic were ever your friend it won't be after you've spent time with software, software installations and particularly Microsoft's Windows and Office products.
For example, let's say you wanted to uninstall MS Office XP and install MS Office 97 (because, say, you have old MS Access data that you couldn't, for some reason, convert). A simple process, one might think.
However, what you may find is that although Word and Excel and Powerpoint all work fine, MS Access comes up and says 'Microsoft Access can't start because there is no license on this machine.'
Searching Google's Groups turns up some helpful hints on things that might be out of whack in the Windows Registry--check permissions; remove RunOnce and RunOnceEx under HKEY_LOCAL_MACHINE \SOFTWARE\Microsoft\Windows NT\
Although logical these suggestions don't work.
Searching in Microsoft's knowledge base with the exact words of the error message turns up nothing useful. However, it turns out that the answer is there after all (the specific link located through Google Groups, not through Microsoft's search engine itself), under:
ACC: "There is no license" error starting Microsoft Access
The first thing this document recommends is again the logical option of checking permissions under Licenses in regedit. Doesn't work.
Finally, the MS document recommends searching for the font HATTEN in the \windows\fonts directory, renaming it, and then reinstalling MS Office 97.
This works.