Happy Birthday, Mr. Handel

George Frederick Handel was born on this date (more or less – it was pre-conversion to the Gregorian Calendar in most of Protestant Europe) in 1685.  Famous for his Oratorio Messiah and his Water Music, he in fact composed hundreds of works in a wide variety of genres over his 74 year lifetime.  He lived in Germany, Italy, and England and traveled extensively.  He was revered by later famous composers – notably Mozart and Beethoven – and is generally considered one of the greatest composers of the Baroque era.

Prior to 3½  years ago, though, I would not have placed Handel in my top 5 even if asked to confine consideration to the Baroque.  I revere Bach and his mathematical precision, love the passion of Vivaldi and the brilliance of Purcell, and think Scarlatti’s sonatas are fun.  My long-ago pretense at being an organist included Buxtehude and Telemann.  Oh, I loved singing the Messiah and enjoyed hearing Music for the Royal Fireworks and had a passing acquaintance with parts of a few other oratorios.  But somehow Handel escaped my getting to know him well.

Then Mr. Handel’s legacy and my life crossed paths unexpectedly, in the guise of the Handel Week Festival (www.handelweek.com).  The festival, directed by Dr. Dennis Northway, was planning to present Handel’s oratorio Israel & Egypt. It requires a good-sized double chorus, and Dr. Northway was looking for an additional mezzo soprano.  I am grateful to Dr. Wilbert Watkins for the introduction.  The rehearsals and performance of Israel & Egypt, coupled with Dr. Northway’s enthusiastic, entertaining and enlightening stories about Mr. Handel and the work, opened my eyes to a whole new world. 

I have had the amazing fortune to remain with the Handel Week chorus since then.  I continue to learn about the man and his music and to learn to be a better singer and musician. I’ve made terrific friends in that chorus, even as I remain astonished that I am allowed to sing with musicians of this caliber.  And now I count Dennis as a friend as well as a teacher.

This season the Handel Week Chorus prepared two concerts.  Last Sunday we presented the famous Messiah as is traditional every 5 years of the Festival's life.  Dr. Northway chose Mozart’s 1789 orchestration of the work this time.  In addition to discovering there was much I still could learn about such a familiar piece, the orchestra accompaniment was refreshing and occasionally hilarious. You can feel the movement toward the Classical Period.  You can also catch Mr. Mozart’s sense of humor.  My new favorite aria is in Part III, just before the end: “If God be for us, Who can be Against us?”, for Soprano – and bassoon. 

Next Sunday, March 2, we will present a concert titled The Celebratory Handel. It includes two Coronation Anthems (including Zadoc the Priest, which is still performed at every British Coronation), Music for the Royal Fireworks, and The Te Deum for the Peace of Dettingden.  The choral music was all new to me.  The joy of the journey continues.  Happy Birthday, Mr. Handel – I am very selfishly glad you existed and were such a musical genius.  I am one of millions, perhaps, whose lives you have enhanced in unexpected ways

Security: Password Basics

Every single day, there are stories in the news about security breaches.  For every news story, there are thousands of unreported incidents, most of them limited to one or a few people. 

Astonishing as it continues to be to me, there are scads of people all over the world who have made a career of breaking into computers and accounts that don’t belong to them for the purpose or mischief, theft, or worse. I often wonder what the world would be like if we could somehow turn all that energy toward good instead of evil, but that’s a topic for another blog post.  

We have come to the point where computers are not really very useful unless they connect to the Internet.  But, if you’re going to connect to the internet, you’re at risk.  The key is how to minimize that risk so that you don’t end up being a target.

The biggest, and easiest, key is the use of passwords.  I continue to be surprised at how little priority people place on password management.  In case you’ve forgotten, here are the rules you absolutely MUST follow to minimize your risk of “being hacked”:

1. Every password should be more than 10 characters long.  Longer is better. 
   
2. There should be NO recognizable words in your password.  Let me say it another way: no string of characters in any part of your password should appear as a word in any dictionary.  In any language. 
   
3. Your password should contain numbers and special characters. Two of each is a good minimum.  There are still some accounts that don’t allow characters.  But where you can use them, use them. 
   
4. Every password should be unique.  In other words, do NOT use the same password for more than one account.  

 

Oh, I can hear the wailing and whining now.  I can’t remember all those passwords!  I can’t type them right if they’re that long!  XYZ company makes me change them every 30 days anyway!  

Okay. First of all, it's worth the effort.  Really.  How much will it cost you if someone gets into your bank account?  You really don't want to think about it.  So here’s how you make it [relatively] painless:

1. Create two  master passwords.  Use the rules above.  Here are two options and examples:
1. Pick two completely unrelated words, but ones you will remember. Substitute some of the letters for numbers or symbols.  Add additional numbers and symbols if necessary to create a password of more than 12 characters.
   Example:  Edition + Severity  = E41tions#v#rITY
2. Think of a pass PHRASE that you’ll remember.  Pull the 1^st letter from each word.  Substitute as above, again ensuring you have at least 12 characters.
   Example: Oh, I never remember passwords, but I will remember this one! = oinrpbiwrto = 0INr*,BiwR71!
   
2. Memorize your Master Passwords.  I mean it.  You’re going to use them every day, multiple times per day.  It should only take you a day or two before you can type them cleanly and remember them.  If you have to use a yellow sticky crutch, do it in the privacy of your home (and DON’T leave it where your teenager can find it).  If you’re still worried you’ll forget, put that sticky somewhere away from your computer.  In your jewelry box or something.  Don’t label it, especially if you keep it in your wallet.
   
3. Use one of your memorized Master Passwords to log in to your computer.  If you don’t know how, google “create password” or “change password” along with whatever operating system your device uses.  The instructions are simple. 

4. Use a Password Manager to keep your passwords.  I use KeePass (http://keepass.info/), but there are others out there that have good reputations and might be better for you, depending on what you do, and how many devices you use to access the internet, and what your favorite operating system is.   Use your other memorized Master Password as your password for your data base.  Then let your Password Manager generate ALL the rest of your passwords.
   This means, every time you log in to an account using your computer, make an entry in your Password Manager’s data base for that account, and reset the account’s password to what the Password Manager generates for the entry.  Occasionally you have to modify – amazingly, there are sites out there that won’t take the 20+ character passwords KeePass generates for me.  But do it, every time.  Pretty soon all your accounts will be in the data base.  Organize the entries so that you can find them easily.  Be sure to save a backup of the data base.  

If you do this, and get all your accounts re-passworded with complex passwords from your Password Manager, you can stop worrying about remembering them.  They’re there when you need them and safe when you don’t.   I like not knowing what my Facebook password is!  My KeePass data base is on Dropbox, so it's automatically up-to-date on all my devices.  KeePass also has a portable installation so that I can use it from a USB drive when using a computer that is not mine (at a client's office or the library) without installing anything or leaving a copy of my data base anywhere I don't want it.

An additional plus: most of the time, you’re using copy-and-paste to put your passwords in the appropriate field while logging in, thus foiling keystroke capture.  “ctrl-v” doesn’t help hackers  much. 

Do I follow these rules?  Well, no.  I don’t.  I make the following two exceptions:

1. I created and memorized a 3^rd Master Password, which I use for my email account.  Sometimes I’m too lazy to open up KeePass just because I want to check my email.  However, that password DOES follow the rules for complexity.
2. I have an “easy” password that I use on extremely low-risk sites, like forums.  It’s still a pretty secure password, but it doesn’t quite follow the rules above and I do use it in multiple places.   Although in recent months I’ve started replacing that password with one from KeePass in part because I also use KeePass to remember what accounts I have in the 1^st place.  Eventually I’ll probably also follow the no-duplicates rule because it’s so easy to let KeePass do the work.  

One other question to answer, and that’s about resetting your password.  There are indeed still a few sites that require passwords to be reset periodically.  Your Password Manager makes that easy – just generate a new one and use it to reset.  If I hear of a breach or a danger, I likewise go back to KeePass and set myself a new password for the account in question. Otherwise, frankly, I don’t worry about it much.  

The Security Community has slowly moved away from making people reset passwords frequently.  It only encourages folks to a)choose simple, short, easy-to-use passwords and/or b)use the same password for multiple accounts. Both of these are set ups for hackers.  If you create a complex, hard-to-crack password using my suggestions above, it stays complex and hard to crack. There’s no need to change it. 

There are other steps individuals – and IT departments – can take to reduce the risks of a security breach. But this one is far and away the most important.  It’s really not very hard.  And it’s in your hands.

Do you do these things?  What other ideas do you have for password management?  If you don’t generate unique and crack-resistant passwords, why not?  Tell me about it in the comments.

Cccccccolddddd….

Happy 2014.  And Welcome back. 
 

Probably half the bloggers in the USA have written about how cold it is this winter. I am using it as an excuse to start posting again.  Living in ChicagoLand, it’s been pretty interesting.  I can’t say I like temperatures below zero.  But I have enjoyed the cold a fair bit when it was less extreme – teens and twenties (farenheit).  I love to cross-country ski.  It’s my favorite winter workout.  It gets me outdoors and pushes me to the edge of breathless, a lot like a good Bulgarian Pajduško.  

Since it’s been so long since I wrote, of course a lot has happened.  Big things: Home Ownership (December 2012), loss of Leo (January 2013) and adoption of Coco (September 2013).  

I wrote about Leo in April of 2010.  I loved that boy.  He got me through some of my darkest times.  I had every reason not to expect him to live a normal Golden Retriever lifespan, but he did.  His end was fast and easy/painless.  For him, which is what counts.  My pain still exists.  But I am grateful to have had him for so long and that he didn’t suffer a long decline.  

Coco is a rescued poodle mix.  Recently I described her to facebook friends as “15 pounds of cute entitlement”.  

Photo Credit:  Margaret Loomis

She’s smart, sweet, playful, and snuggly.  She’s not Leo.  But she has her own special place in my heart, having wormed her way in overnight when I fostered her for a weekend in late September to “see if we’d suit”.  I try to maintain discipline and mostly I succeed. 

I bought a lovely house that I’m still crazy about.  The yard could be bigger, but it’s big enough to grow flowers and a small vegetable plot.  It is perfect in every other way.  I have been reunited with my piano and I have a real kitchen again (and my kitchen stuff!).  Leo got to live in it for 3 weeks before he died.  Coco is snoozing on the loveseat here in my office as I write. 

I feel pretty settled, now.  I have a small group of very dear friends here (you know who you are!) and a large group of activity buddies, conversation companions, professional colleagues, and assorted fellow audience members.   I have been thinking for a while about coming back, and I guess…I’m here.  I hope to hold forth on a new variety of topics in the same spirit in which I began this blog.  Variety is still the spice of my life.  Hope you’re getting started on a great year, too.