Mr. Fix It
Oct 26, 2000

💀ayyy💀


No offense guys, but you're making a whole lot of assumptions to back up your attempt to discredit lastpass. My only assumption is that since they are doing this for money they are properly motivated to prioritize security. If Brian Krebs or other reputable security experts start trumpeting that lastpass is not secure or they're too shady, they are dead.

Have fun with your Dropbox backed password solution.


Vulture Culture
Jul 14, 2003

I was never enjoying it. I only eat it for the nutrients.

Khablam posted:

Your example here isn't really equivalent but 5 seconds and google pulled up this page: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160210-asa-ike
Which is actually pretty verbose in exactly outlining the scope of what happened, what is/isn't affected and offers a fix that closes the issue.

This is orders of magnitude better communication than LP have put out.
Cisco's security notice provides a minimum amount of detail on how the exploit operates because this is important for end-users. Software vulnerabilities of any form can often be mitigated while a patching plan is devised. The notice does not provide any information about which portion of their code was exploitable. It does not lay blame on any particular engineers, contractors, code review processes, third-party libraries, static analysis tools, or aspects of their organizational culture which may have contributed to the vulnerability. No explanation is provided for why Cisco produced vulnerable software and distributed it to customers. No specific, actionable steps were provided to assure users that a similar vulnerability will never happen again. And all of these things are completely, totally fine.

Ojjeorago
Sep 21, 2008

I had a dream, too. It wasn't pleasant, though ... I dreamt I was a moron...
Gary’s Answer

Mr. Fix It posted:

If Brian Krebs or other reputable security experts start trumpeting that lastpass is not secure or they're too shady, they are dead.

OSI bean dip is a reputable security expert.

Mr. Fix It
Oct 26, 2000

💀ayyy💀


Whizbang posted:

OSI bean dip is a reputable security expert.

No, he or she is some random poster on an Internet forum.

Thermopyle
Jul 1, 2003

...the stupid are cocksure while the intelligent are full of doubt. —Bertrand Russell

People mad about the best password manager, Lastpass, in here.

KeePass is definitely more secure, but their password filling on Android is poo poo compared to Lastpass and it's frickin irritating.

Skarsnik
Oct 21, 2008

I...AM...RUUUDE!

Mr. Fix It posted:

No, he or she is some random poster on an Internet forum.

who apparently spends their day searching for every mention of Lastpass on here so they can run huffing and puffing into the thread, it's like clockwork

Ynglaur
Oct 9, 2013

The Malta Conference, anyone?

Mr. Fix It posted:

No offense guys, but you're making a whole lot of assumptions to back up your attempt to discredit lastpass. My only assumption is that since they are doing this for money they are properly motivated to prioritize security. If Brian Krebs or other reputable security experts start trumpeting that lastpass is not secure or they're too shady, they are dead.

Have fun with your Dropbox backed password solution.

Hey, isn't Dropbox that company that exposed every single file to anybody with an Internet connection for about 24 hours a few years ago? Yeah, that was them. I'm sure having your local password database encrypted will save you from having it brute-force decrypted by the NSA though.

Look, if a technology solution involves a human being coding it, it's not secure. Full stop. Hardware-based keys: do you control the fab? It's not secure. Proprietary software: do you trust every developer, and every person with access to the source code repository, and every developer who worked on the compiler used to compile the software? It's not secure.

What we can do is take reasonable precautions against most potential threats. A car door lock will not stop a car thief with a decent tool set, but it will deter the casual joyrider. LastPass doesn't guarantee that my bank password will never be compromised, but it's still safer than leaving it on a sticky note on my keyboard, or storing it in an Excel file on a USB stick (which can be stolen), etc. Every security solution is just playing the odds, and the odds are never 100% in your favor. For some people and organizations, getting as close to 100% as possible is worth tremendous costs. See: nation-state intelligence agencies. For most people, it is not worth any cost, and you're deluding yourself if you think you're always more secure just because you're running your own hardware and software stack.

</rant>

Medullah
Aug 14, 2003

FEAR MY SHARK ROCKET IT REALLY SUCKS AND BLOWS

Ynglaur posted:

Hey, isn't Dropbox that company that exposed every single file to anybody with an Internet connection for about 24 hours a few years ago? Yeah, that was them. I'm sure having your local password database encrypted will save you from having it brute-force decrypted by the NSA though.

Look, if a technology solution involves a human being coding it, it's not secure. Full stop. Hardware-based keys: do you control the fab? It's not secure. Proprietary software: do you trust every developer, and every person with access to the source code repository, and every developer who worked on the compiler used to compile the software? It's not secure.

What we can do is take reasonable precautions against most potential threats. A car door lock will not stop a car thief with a decent tool set, but it will deter the casual joyrider. LastPass doesn't guarantee that my bank password will never be compromised, but it's still safer than leaving it on a sticky note on my keyboard, or storing it in an Excel file on a USB stick (which can be stolen), etc. Every security solution is just playing the odds, and the odds are never 100% in your favor. For some people and organizations, getting as close to 100% as possible is worth tremendous costs. See: nation-state intelligence agencies. For most people, it is not worth any cost, and you're deluding yourself if you think you're always more secure just because you're running your own hardware and software stack.

</rant>

This is how I feel too. I use Lastpass and accept that it could be compromised at any time, but it prevents me from reusing the same password at a bunch of sites just to make it easier to remember and instead have 10-15 digit length random strings of characters, letters and numbers. I use google authenticator to access my LP page so there's two factor authentication to get to the actual list.

Keepass and local sync will be more secure, but it's also more of a pain in the rear end and the way I look at it, if someone wants to hack me they're going to hack me.

Skarsnik
Oct 21, 2008

I...AM...RUUUDE!

The fingerprint scanner plus LastPass autofill on android is super slick

tater_salad
Sep 15, 2007


Skarsnik posted:

The fingerprint scanner plus LastPass autofill on android is super slick

a bit TOOO slick.. I need it to ask for my password every once in a while so I can remember my master pass. I forgot it since I use android mostly.

Lain Iwakura
Aug 5, 2004

The body exists only to verify one's own existence.

Taco Defender

Ynglaur posted:

Hey, isn't Dropbox that company that exposed every single file to anybody with an Internet connection for about 24 hours a few years ago? Yeah, that was them. I'm sure having your local password database encrypted will save you from having it brute-force decrypted by the NSA though.

You're demonstrating a complete lack of critical thinking here.

Yes. Dropbox had a situation where <1% of its userbase had their files exposed to other users. This is unacceptable and should have never happened. However, the sheer idea that the NSA is going to go and try and break your AES-128-encrypted database is laughable at best. The fact that you go and cite the NSA and not give any thought to other groups tells me that you're grasping at straws to appear right.

First of all, if someone were to compromise Dropbox to get passwords, they're going to likely avoid anything that is encrypted as there is this time factor that comes into play when you are actively loving around. People more often than not keep passwords within spreadsheets and text files and if you had unfettered access to some sort of file hosting service like Dropbox, you're going to look for those first as they take the least amount of time to open.

Now to amuse your suggestion that people are going to go after KeePass and 1Password databases, how long do you think it'll take to bruteforce a password file?

Let's read the documents for Keepass!

Key generation posted:

In order to generate the 256-bit key for the block ciphers, the Secure Hash Algorithm SHA-256 is used. This algorithm compresses the user key provided by the user (consisting of password and/or key file) to a fixed-size key of 256 bits. This transformation is one-way, i.e. it is computationally infeasible to invert the hash function or find a second message that compresses to the same hash.

[...]

When using both password and key file, the final key is derived as follows: SHA-256(SHA-256(password), key file contents), i.e. the hash of the master password is concatenated with the key file bytes and the resulting byte string is hashed with SHA-256 again. If the key file doesn't contain exactly 32 bytes (256 bits), they are hashed with SHA-256, too, to form a 256-bit key. The formula above then changes to: SHA-256(SHA-256(password), SHA-256(key file contents)).

Good luck guessing that SHA-256 hash sum! Yes. One could do this via a GPU but if your key file is sufficiently large you're better off waiting for the heat death of the universe to come around or for quantum computing to figure out how to reverse this.

Bruteforce attacks posted:

You can't really prevent these attacks: nothing prevents an attacker to just try all possible keys and look if the database decrypts. But what we can do (and KeePass does) is to make it harder: by adding a constant work factor to the key initialization, we can make them as hard as we want.

To generate the final 256-bit key that is used for the block cipher, KeePass first hashes the user's password using SHA-256, encrypts the result N times using the Advanced Encryption Standard (AES) algorithm (called key transformation rounds from on now), and then hashes it again using SHA-256. For AES, a random 256-bit key is used, which is stored in the database file. As the AES transformations aren't pre-computable (key is random), an attacker has to perform all the encryptions, too, otherwise he cannot try and see if the current key is correct.

An attacker now needs much more time to try a key. If he can only try a few keys per second, a dictionary attack is not practical anymore. N is a work factor, only indirectly a time factor. A super computer can try a key a lot faster than a standard PC, but anyway testing one key with N transformation rounds will take N times longer than trying a key with no transformation rounds on the super computer.

By default, KeePass sets N to 6000 encryption rounds (full encryptions are meant; N has nothing to do with the internal encryption rounds of AES). This number has been chosen in order to provide compatibility with portable device versions (PocketPC processors are slower, therefore the key computation takes longer).

If you are using KeePass on PC only, it is highly recommended to increase the number of key transformation rounds. You can change the number in the database options dialog. Right of the field for the rounds, you'll find a button. When clicking this button, KeePass computes the rounds number that leads to a 1-second delay. Waiting 1 second at database opening isn't a problem, but for an attacker of course it is. But, the number can be freely set to a number of your choice; the button only should give you a rough idea how many rounds can be computed in 1 second on your computer.

This protection feature is only useful for master passwords; key files are random anyway, there's no need to transform the key file contents. Guessing the key file contents is equally hard to a brute-force attack on the final key.

KeePass uses multithreading to compute the transformations (the master key is split up to two parts of 128 bits, which is the AES block size). On dual/multi core processors, the computation can be twice as fast as on a single core processor.
On Windows Vista and higher, KeePass can use Windows' CNG/BCrypt API for the key transformations, which is about 50% faster than the KeePass built-in key transformation code.

You cannot prevent bruteforce attacks but you sure as hell make it a pain in the rear end to do it. Let's do some really terrible math here.

We have 6,000 rounds by default, a 2 GHz CPU can do 6,000 encryption rounds in 3x10^-6 seconds (0.000003), meaning that to exhaust the entire keyspace (2^128), it'll take 3.24x10^25 years. Just using one CPU as an example is good enough here because even with 1,000,000 cores going at it, it'll just drop it down to 3.24x10^19 years. We simply do not have enough CPU power nor materials to build such a computer on this planet to throw at the problem.

In fact, there is an estimate of one billion desktop computers in the world, so if all of them had two 2 GHz CPUs and we used them all to crack your AES-128 database, it would take 1.62x10^16 years.

IE: as it stands right now, unless you've got some magical computer that doesn't exist yet, bruteforcing AES-128 isn't going to happen easily. While I cite KeePass in particular, 1Password uses AES-256 so I need not demonstrate the numbers for that product.

quote:

What we can do is take reasonable precautions against most potential threats. A car door lock will not stop a car thief with a decent tool set, but it will deter the casual joyrider. LastPass doesn't guarantee that my bank password will never be compromised, but it's still safer than leaving it on a sticky note on my keyboard, or storing it in an Excel file on a USB stick (which can be stolen), etc. Every security solution is just playing the odds, and the odds are never 100% in your favor. For some people and organizations, getting as close to 100% as possible is worth tremendous costs. See: nation-state intelligence agencies. For most people, it is not worth any cost, and you're deluding yourself if you think you're always more secure just because you're running your own hardware and software stack.

What you're talking about here is far removed from "reasonable" and is really closer to reckless. Using doors as analogies when describing modern cryptography is an obtuse way of thinking because if you lose the key to a door, it's possible to make a new one or just remove the door altogether. If you lose the key to something encrypted with AES-128, the data is not going to be recovered.

So let's poke some holes in your logic here about Dropbox or any other service.

Let's say hypothetically LastPass gets breached again (such as how it had user details exposed or where someone had unfettered access to their assets) and used this access to generate a backdoor that weakens the encryption (similar to that of the Juniper backdoor that was intentionally put in), how many people would be hosed by this attack?

Millions. Anyone who logs in with their master password will be affected and it is completely possible for LastPass to not notice at all for years such as how it went down with Juniper.

The way to attack cryptography is not with bruteforce but to find weaknesses within the application itself. If you want to read up on how people gently caress up these things, you could read this blog, a piece on how the old Cryptocat was garbage, or even this IOActive bit. The NSA or anyone else for that matter doesn't need fancy computers to go after your product's poo poo cryptography, they just have to either find poor implementations or just outright insert the backdoor themselves.

Now the reason why I suggest that you use Dropbox is actually for the same reason that you suggest LastPass: convenience. Yes. The chances are there that your 1Password or KeePass file could become exposed, but the difference here is that provided the cryptography is sound (here's KeePass' source code for your review and details on the 1Password file format), you can be less worried than if someone goes and inserts a backdoor into LastPass and goes unnoticed for months. If you're really concerned about my Dropbox suggestion, then use Spideroak which is considered a zero-knowledge solution that works on all mainstream platforms.

So let's go back to your banal suggestion that we should be concerned about the NSA. Why does the NSA matter here and why is it your only go-to threat actor? Why are we not thinking about the Russians, the Chinese, the North Koreans, or someone else? Why the NSA?

LastPass is eager to tell us about who uses them. If you look at their enterprise overview, you'll see companies mentioned there. One in particular is CashStar, a company that provides gift card services (IE: financial) to large companies like Best Buy, Nordstrom, Gap, IKEA, and a tonne of restaurants. If say a Russian organization wanted deep access into these clients of CashStar, LastPass might be a place to start to get a foothold on at least one organization. Target for example was breached because their network was flat and an HVAC firm was compromised, leading to one of the largest credit card breaches yet.

Of course I am just "some poster on a message board" without the supposed credentials of a large-forehead-ed journalist who is being cited as a security expert who has never gone and shilled for anyone (on that note you should read Krebs' book) as much as you or anyone else in this thread, but at least have the courtesy to know what the hell you're talking about before you try and tell someone that they're wrong. It isn't like I do this for a job, make people's poo poo cryptography look like poo poo in my spare time, or research breaches as an actual company.

:words:

Lain Iwakura fucked around with this message at 20:11 on Feb 26, 2016
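An added example, not code from the post above or from the KeePass project: a Go model of the key derivation the quoted KeePass documentation describes (SHA-256 of the password, optional key file, N AES rounds under a random per-database seed, SHA-256 again), plus the brute-force estimate from the post recomputed as a function. The password, key file bytes and transform seed are constructed inputs; the round-calibration helper mimics the "1-second delay" button described in the docs and is an assumption about how such a button would be implemented.

```go
package main

import (
	"crypto/aes"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
	"math"
	"time"
)

// compositeKey follows the quoted description:
//   SHA-256(SHA-256(password) || keyfile)
// where a key file that is not exactly 32 bytes is first reduced with
// SHA-256. With no key file the result is SHA-256(SHA-256(password)).
func compositeKey(password, keyFile []byte) [32]byte {
	pw := sha256.Sum256(password)
	material := pw[:]
	if len(keyFile) > 0 {
		kf := keyFile
		if len(kf) != 32 {
			h := sha256.Sum256(keyFile)
			kf = h[:]
		}
		material = append(material, kf...)
	}
	return sha256.Sum256(material)
}

// transformKey applies the work factor: each 128-bit half of the composite
// key is AES-256 encrypted `rounds` times (ECB, one block each) under the
// random transform seed stored in the database header, then the result is
// hashed with SHA-256. Because the seed is random per database, this work
// cannot be precomputed; an attacker must repeat it for every guess.
func transformKey(composite, seed [32]byte, rounds uint64) ([32]byte, error) {
	block, err := aes.NewCipher(seed[:])
	if err != nil {
		return [32]byte{}, err
	}
	buf := composite // array copy; the caller's value is untouched
	for i := uint64(0); i < rounds; i++ {
		block.Encrypt(buf[:16], buf[:16])
		block.Encrypt(buf[16:], buf[16:])
	}
	return sha256.Sum256(buf[:]), nil
}

// roundsForDelay times a fixed sample of rounds and scales the count so that
// one derivation takes roughly `target` on this machine (assumed behaviour
// of the dialog button the KeePass docs mention).
func roundsForDelay(seed [32]byte, target time.Duration) uint64 {
	const sample = 100000
	start := time.Now()
	_, _ = transformKey([32]byte{}, seed, sample)
	elapsed := time.Since(start)
	if elapsed <= 0 {
		return sample
	}
	return uint64(float64(sample) * float64(target) / float64(elapsed))
}

// bruteForceYears is the post's estimate generalised: years to exhaust a
// keyspace of 2^bits keys when one guess costs secondsPerGuess and
// `parallel` guessers run at once.
func bruteForceYears(bits int, secondsPerGuess, parallel float64) float64 {
	keys := math.Ldexp(1, bits) // 2^bits as a float64
	const secondsPerYear = 365.25 * 24 * 3600
	return keys * secondsPerGuess / parallel / secondsPerYear
}

func main() {
	var seed [32]byte // constructed transform seed; real ones are random
	for i := range seed {
		seed[i] = byte(i)
	}
	c := compositeKey([]byte("correct horse battery staple"), []byte("constructed key file"))
	k, err := transformKey(c, seed, 6000)
	if err != nil {
		panic(err)
	}
	fmt.Println("transformed key:", hex.EncodeToString(k[:]))
	fmt.Println("rounds for ~1s on this machine:", roundsForDelay(seed, time.Second))
	// The post's figures: 6000 rounds at 3e-6 s per guess against 2^128 keys.
	fmt.Printf("one CPU:             %.2e years\n", bruteForceYears(128, 3e-6, 1))
	fmt.Printf("one million cores:   %.2e years\n", bruteForceYears(128, 3e-6, 1e6))
	fmt.Printf("two billion CPUs:    %.2e years\n", bruteForceYears(128, 3e-6, 2e9))
}
```

Raising the round count multiplies the per-guess cost linearly, which is why the docs recommend calibrating it to about a second on the machine that will open the database.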

Ynglaur
Oct 9, 2013

The Malta Conference, anyone?
Does your argument fundamentally boil down to, "I think KeePass and 1Password's cryptographic implementations are more secure than LastPass'?"

Lain Iwakura
Aug 5, 2004

The body exists only to verify one's own existence.

Taco Defender

Ynglaur posted:

Does your argument fundamentally boil down to, "I think KeePass and 1Password's cryptographic implementations are more secure than LastPass'?"

Not quite. It boils down to KeePass and 1Password being fundamentally more secure than LastPass can ever aspire to and that the use of it is dangerous. There are possible flaws in their cryptography but it's easier to address them and mitigate them than if LastPass ever suffers a Juniper-style breach. A backdoor or flaw in the applications I am advocating for is going to be easier to catch than LastPass coming across it in their own stuff.

The fact that LastPass is in use by Fortune 500 companies should be enough to tell you that they're a prime target and that one incident is enough to ruin everything.

Khablam
Mar 29, 2012

Ynglaur posted:

Does your argument fundamentally boil down to, "I think KeePass and 1Password's cryptographic implementations are more secure than LastPass'?"

They don't need to be, is the point. Encryption is so fundamentally unbreakable that strong cryptography should be the beginning and end of anything used to store information that you don't want getting into someone else's hands. Sticking a known-exploitable server in the mix in order to save a few key presses on setup is a really bad idea.
I'm sure you're thinking "oh noez not my forum posts lolz" but that's a ridiculous notion. Most people using a given password manager will store enough data and allow access to enough data that anyone with malicious access could reasonably pass as you and leverage whatever they want.
You're imagining the worst case scenario is "I lose my CC number somehow and need to call and change all my cards, urgh" but in reality you want to read some Identity theft horror stories and wonder if having to take a minute or two and work out how to keep a file to hand (in loving 2016 when this is as painless as remembering you need to wear socks) is really a problem.

You don't even need to take any security precautions with the file, eg here is my KeePass file. I'm confident neither you, nor anyone you could possibly give this to, could ever use it.

Bean dip's math looks pretty robust, but I'm sure people will look at it and think "but computers get faster all the time, and those numbers only go down..."
Schneier had a piece a few years ago where he assumed you built the most efficient computer physics would allow (infinite guesses per second requiring only the smallest quantifiable unit of energy per guess), and fed it with the entire energy output of the Sun, and even in that scenario the Sun would go EOL before a 256-bit keyspace was run through.
You need to do something like capture the output of half the stars in a Galaxy going supernova to pull it off. Math is pretty crazy.

Ynglaur
Oct 9, 2013

The Malta Conference, anyone?
I'm not downplaying the risk at all, and am well aware of the value of information.

"It's used by Fortune 500 and is therefore a target" is fundamentally an argument for security through obscurity, which you've argued against (if memory serves), so that's not compelling. You don't say that one cryptographic implementation is better than the other. So, what "fundamental" difference leads you to recommend one over the other?

Thermopyle
Jul 1, 2003

...the stupid are cocksure while the intelligent are full of doubt. —Bertrand Russell

I assume it's the fact that the complexity of LP gives more opportunities for a bad actor to insert itself between you and your data.

Saukkis
May 16, 2003

Unless I'm on the inside curve pointing straight at oncoming traffic the high beams stay on and I laugh at your puny protest flashes.
I am Most Important Man. Most Important Man in the World.

Ynglaur posted:

Does your argument fundamentally boil down to, "I think KeePass and 1Password's cryptographic implementations are more secure than LastPass'?"

I'd say the big difference is in the number of parts in the system that you need to trust. With Keepass there are three. You need to trust that spyware hasn't been installed on your computer that could steal the passwords. And you need to trust that the keepass.exe on your computer hasn't been replaced by a fake that emails all your passwords to criminals. And you need to trust the implementation in Keepass and that the password database is encrypted well.

With LastPass you also need to trust that your computer is spyware free. Similarly you need to trust that your browser.exe hasn't been faked and that it hasn't been exploited in any other way. The browser is a massively bigger and more complicated piece of software than Keepass, and considering how often browsers receive security updates this isn't a thought I would be comfortable with. The browser will also spend all of its time on the internet at the mercy of all those exploits looking for any weakness. Keepass has this threat only once a week when it checks for updates (and now that I think about it, I need to stop trusting the auto update). Next you need to make sure that your Lenovo computer doesn't have Superfish installed so that everyone in the Starbucks can't hijack your connection to the LastPass website and direct you to a fraud site. If you are SuperFish free you need to worry about whether some nation-state has broken into any of the numerous certificate authorities and created a fraudulent https://www.lastpass.com certificate so they can hijack your connection.

When you have finally made it safely to https://lastpass.com/ is the time when you need to start worrying whether the staff at LastPass have done their work. And if you thought the browser was a massive and complex piece of software, just think of all those servers and networks serving you passwords, those countless pieces of software needed in those servers, all those workstations the staff require to maintain. I'm an admin for ~450 servers. The servers and workstations I use to administer them are operated quite securely, but I always have a dread that they aren't nearly secure enough. Yet if I would try to do my job more securely I'd probably hang myself, because everything would be just too drat difficult.

After that comes the LastPass.com implementation to worry about. There is at least the website server where you connect to take a peek at your passwords. There is probably also a database server that stores all those encrypted passwords. How are the passwords decrypted so you can use them? Does the database decrypt them and then hand them over to the website server, or does it receive them in encrypted form and then decrypt them? Which would be the more secure option, the server that is open to the whole world or the server tucked in the back of the data center?

Keepass is a small offline solution; you can just put it in a computer that doesn't have any kind of network connection and use it whenever you need to take a peek at your passwords before typing them in your normal computer. LastPass on the other hand is an online solution that requires a massive amount of infrastructure to work just right for it to function.

Lain Iwakura
Aug 5, 2004

The body exists only to verify one's own existence.

Taco Defender

Ynglaur posted:

I'm not downplaying the risk at all, and am well aware of the value of information.

"It's used by Fortune 500 and is therefore a target" is fundamentally an argument for security through obscurity, which you've argued against (if memory serves), so that's not compelling. You don't say that one cryptographic implementation is better than the other. So, what "fundamental" difference leads you to recommend one over the other?

Thermopyle posted:

I assume it's the fact that the complexity of LP gives more opportunities for a bad actor to insert itself between you and your data.


Saukkis posted:

After that comes the LastPass.com implementation to worry about. There is at least the website server where you connect to take a peek at your passwords. There is probably also a database server that stores all those encrypted passwords. How are the passwords decrypted so you can use them? Does the database decrypt them and then hand them over to the website server, or does it receive them in encrypted form and then decrypt them? Which would be the more secure option, the server that is open to the whole world or the server tucked in the back of the data center?

Keepass is a small offline solution; you can just put it in a computer that doesn't have any kind of network connection and use it whenever you need to take a peek at your passwords before typing them in your normal computer. LastPass on the other hand is an online solution that requires a massive amount of infrastructure to work just right for it to function.

These are the reasons why I have a problem with LastPass.

strikeforcerules
Sep 16, 2004

EkardNT posted:

Check whether your school participates and the Dreamspark/MSDNAA program, when I was in school I got Windows (and Visual Studio!) free.

jyrka
Jan 21, 2005


Potato Count: 2 small potatoes

Ynglaur posted:

Whichever one has never patched a security problem and can prove it has no security problems.

Fake edit: Chrome and IE11 work well for me, though the PDFs I read don't have all of the fancy multimedia capabilities PDF supports.

What about for editing/creating though?

Saukkis
May 16, 2003

Unless I'm on the inside curve pointing straight at oncoming traffic the high beams stay on and I laugh at your puny protest flashes.
I am Most Important Man. Most Important Man in the World.

Ynglaur posted:

"It's used by Fortune 500 and is therefore a target" is fundamentally an argument for security through obscurity, which you've argued against (if memory serves), so that's not compelling.

It's not really an obscurity thing, it's about the size of your target and the expected payout.

If you manage to thoroughly infiltrate LastPass you have practically received the keys to the pearly gates. In just a few hours you might be able to get all the passwords for a large portion of LastPass users, maybe millions of them. It's hard to imagine how many dollars you could make with all those PayPal, online banking and Fortune 500 credentials. That's why anyone who has any cracking ability will be after LastPass.

With Keepass the target is not nearly as clear or alluring. Say you have found a way to crack open those encrypted password databases, what next? Well, the next step would be to infiltrate Dropbox so you can search through their servers for any .kdbx files. But infiltrating Dropbox is probably just as difficult as LastPass and if you have gotten inside you can probably find a lot of valuable stuff that isn't encrypted in the first place. If that doesn't work, then your second option is to get the password databases directly from Keepass users' computers. But to get access to passwords of a million users you would probably have to infiltrate a hundred million computers, because Keepass isn't that widely used and how would you know in advance which of those computers are storing Keepass databases.

Anyway, it's unlikely that someone will find a way to crack the encryption. A more likely method is to install spyware on the computers to steal the passwords, for example using the method recently demonstrated. But this would still require installing spyware on those hundred million computers, so why bother with Keepass when you can just empty everyone's online bank accounts. And this method would work just as well against LastPass anyway.

If I wanted to steal a large amount of passwords from Keepass users I would exploit the update notification system. I would hack their website, or maybe just take the family of the website admin as hostage, and publish a modified Keepass software. Then I would wait for the Keepass programs to notify their users and install the update and soon the passwords would start pouring in when people use the modified programs. I think this is the biggest weakness in the Keepass system and I have decided I won't be vulnerable to this. When I get notified of a new version I will download it, calculate a checksum for the installer and then wait for a few weeks and listen for any ruckus. Then I'll redownload the installer and check that the checksums still match before installing the update.

Khablam
Mar 29, 2012

Saukkis posted:

If I wanted to steal a large amount of passwords from Keepass users I would exploit the update notification system. I would hack their website, or maybe just take the family of the website admin as hostage, and publish a modified Keepass software. Then I would wait for the Keepass programs to notify their users and install the update and soon the passwords would start pouring in when people use the modified programs. I think this is the biggest weakness in the Keepass system and I have decided I won't be vulnerable to this. When I get notified of a new version I will download it, calculate a checksum for the installer and then wait for a few weeks and listen for any ruckus. Then I'll redownload the installer and check that the checksums still match before installing the update.

The updates are signed, and there is no automatic download or installation of them. It just checks a version # and flags you if there's a new one. You can still go to the site and check what you're downloading is properly signed.
An attack like this would be extremely obvious unless the attacker somehow has the private signing key.
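The "pin the checksum now, re-check it later" routine Saukkis describes, written out as an added Python example (not KeePass's own update code; the file names, the JSON pin format and the installer bytes are constructed for the demo). It shows what that routine does and does not catch: a file that changed between the two downloads fails the check, while a file that was already tampered with on the first download passes, which is why the signature check Khablam mentions is the stronger control.

```python
"""Added example: pin a downloaded installer's SHA-256 when the update
notice arrives, then re-verify a fresh download against the pin later.
Illustrative code only; the pin format and file names are assumptions."""
import hashlib
import hmac
import json
import tempfile
from pathlib import Path


def sha256_of_file(path: Path, chunk_size: int = 1 << 20) -> str:
    """Stream the file through SHA-256 so large installers never sit in RAM."""
    digest = hashlib.sha256()
    with path.open("rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def pin_download(installer: Path, pin_file: Path, version: str) -> dict:
    """Record size and digest of what was downloaded at notification time."""
    record = {
        "version": version,
        "size": installer.stat().st_size,
        "sha256": sha256_of_file(installer),
    }
    pin_file.write_text(json.dumps(record))
    return record


def verify_against_pin(installer: Path, pin_file: Path) -> bool:
    """True only if the re-downloaded file matches the pinned record exactly."""
    record = json.loads(pin_file.read_text())
    if installer.stat().st_size != record["size"]:
        return False
    # compare_digest is overkill for a public hash, but it is a cheap habit
    return hmac.compare_digest(sha256_of_file(installer), record["sha256"])


def demo() -> "tuple[bool, bool]":
    """Run the workflow on constructed bytes standing in for an installer.

    Returns (honest re-download verifies, altered re-download verifies)."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        original = b"constructed installer bytes v2.31\x00" * 1000

        first = root / "Setup-2.31.exe"          # assumed file name
        first.write_bytes(original)
        pin = root / "Setup-2.31.pin.json"       # assumed pin location
        pin_download(first, pin, "2.31")

        # "a few weeks later": one honest re-download, one changed by a byte
        later_ok = root / "redownload-ok.exe"
        later_ok.write_bytes(original)
        later_bad = root / "redownload-bad.exe"
        later_bad.write_bytes(original[:-1] + b"\x01")

        return verify_against_pin(later_ok, pin), verify_against_pin(later_bad, pin)


if __name__ == "__main__":
    print(demo())  # (True, False)
```

Note that if the first download had already been replaced on the site, `pin_download` would simply pin the bad file and `verify_against_pin` would happily return True weeks later; the pin only detects a site that changes between your two visits. Checking the publisher's signature on the installer, as Khablam describes, is what ties the file to the publisher rather than to your own earlier download.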

mike12345
Jul 14, 2008

"Whether the Earth was created in 7 days, or 7 actual eras, I'm not sure we'll ever be able to answer that. It's one of the great mysteries."

Factor Mystic posted:

Do a self-hosted install of Discourse on an inexpensive DigitalOcean droplet.

Kinda OT, but the pricing for the DigitalOcean packages is intriguing. Didn't know it had gotten so cheap already. I'm currently using shared hosting for a vanity website, and pay about the same. Do you need to set up your own e-mail server and everything, or are there pre-configured options? My subscription lapses in April, so not sure if I should start looking for alternatives again.

Vulture Culture
Jul 14, 2003

I was never enjoying it. I only eat it for the nutrients.

mike12345 posted:

Kinda OT, but the pricing for the DigitalOcean packages is intriguing. Didn't know it had gotten so cheap already. I'm currently using shared hosting for a vanity website, and pay about the same. Do you need to set up your own e-mail server and everything, or are there pre-configured options? My subscription lapses in April, so not sure if I should start looking for alternatives again.

There are options like FastMail going down to $40/year for your own domain. Google Apps and Outlook.com used to have free plans, but both have been discontinued as of 2014. Apps for a single user is $50/year.

mike12345
Jul 14, 2008

"Whether the Earth was created in 7 days, or 7 actual eras, I'm not sure we'll ever be able to answer that. It's one of the great mysteries."

Vulture Culture posted:

There are options like FastMail going down to $40/year for your own domain. Google Apps and Outlook.com used to have free plans, but both have been discontinued as of 2014. Apps for a single user is $50/year.

?

I'm not interested in Outlook or Fastmail. This is about switching from a shared hosting account to a cloud instance, if they're that cheap. Since I'm not familiar with the initial setup DigitalOcean provides, I was curious as to what that entails.

Guerrand
Mar 12, 2006

RING RING RING RING RING RING

mike12345 posted:

?

I'm not interested in Outlook or Fastmail. This is about switching from a shared hosting account to a cloud instance, if they're that cheap. Since I'm not familiar with the initial setup DigitalOcean provides, I was curious as to what that entails.

The point is that for casual web hosting such as those coming from a shared web host, you shouldn't be managing your own email server, not only for technical reasons but also because you're more likely to be blacklisted as a spam server than if you go for managed solutions like FastMail, Outlook, or Google. There's a blog post on Digital Ocean about this. These managed services let you use your own domain name, in case you weren't aware.

On the other hand, it's better to run into email issues and learn to fix them on a non-critical vanity domain instead of on your business email.

There's a comprehensive community-managed set of tutorials at DigitalOcean that helps you set up your webserver. DO has a pre-configured LAMP/Ubuntu image that they can load for you and you will be doing the rest manually.

Guerrand fucked around with this message at 06:29 on Feb 28, 2016

mike12345
Jul 14, 2008

"Whether the Earth was created in 7 days, or 7 actual eras, I'm not sure we'll ever be able to answer that. It's one of the great mysteries."

Guerrand posted:

DO has a pre-configured LAMP/Ubuntu image that they can load for you and you will be doing the rest manually.

That's what I was curious about, thank you.

Boris Galerkin
Dec 17, 2011

I don't understand why I can't harass people online. Seriously, somebody please explain why I shouldn't be allowed to stalk others on social media!
I have a desktop installed with Windows 8.1 and I'm going to upgrade the video card and ram (and power supply). The CPU and motherboard (and hard drive) are staying the same. Is this going to trigger Windows to re-activate? I can't seem to find my Windows key anywhere (bought it from a guy on the internet…), can I pull the key I activated with via software? Is there gonna be any issues with me re-activating (if I need to)?

Flipperwaldt
Nov 11, 2011

Won't somebody think of the starving hamsters in China?

Boris Galerkin posted:

can I pull the key I activated with via software?
Yes, just use Nirsoft Produkey. All the other questions get a maybe, probably not, but irrelevant if you've got your key.

Dr. Fraiser Chain
May 18, 2004

Redlining my shit posting machine


What are the best torrent programs these days? Is uTorrent still it, or should I use something different like qBittorrent or Transmission?

Ghostlight
Sep 25, 2009

maybe for one second you can pause; try to step into another person's perspective, and understand that a watermelon is cursing me

There are a lot of opinions because it depends on what features you want, but uTorrent is still good as a basic torrent program as long as you literally use the uTorrent from 6 years ago (2.2), because it RealPlayered heavily after that.

Boris Galerkin
Dec 17, 2011

I don't understand why I can't harass people online. Seriously, somebody please explain why I shouldn't be allowed to stalk others on social media!

Flipperwaldt posted:

Yes, just use Nirsoft Produkey. All the other questions get a maybe, probably not, but irrelevant if you've got your key.

Thanks. I'll get all the parts in sometime this week so I'll give it a shot. Decided to stick with the RAM I have too so I guess it'll only see a new GPU. I've found some conflicting searches both saying changing a GPU should/shouldn't (mostly shouldn't) trigger Windows to want to re-activate but we'll see.

Question about Ninite: can I add more programs to Ninite as I go, or is it a one-time deal? Like, e.g., right now I know I want Chrome and Skype so I tick those boxes. Later on I decide I want to add Notepad++ as well; is there an options/settings menu in Ninite where I can just tick off Notepad++ and have it automatically install that as well?

Toast Museum
Dec 3, 2005

30% Iron Chef

Boris Galerkin posted:

Question about Ninite: can I add more programs to Ninite as I go, or is it a one-time deal? Like, e.g., right now I know I want Chrome and Skype so I tick those boxes. Later on I decide I want to add Notepad++ as well; is there an options/settings menu in Ninite where I can just tick off Notepad++ and have it automatically install that as well?

No, you have to download a new installer. There are no options or menus in the installer itself, at least in the free version. You just run the exe, and it starts installing or updating every program you selected on the site.

c0burn
Sep 2, 2003

The KKKing

Goodpancakes posted:

What are the best torrent programs these days? Is uTorrent still it, or should I use something different like qBittorrent or Transmission?

I like Halite, Deluge is good too.

sunken fleet
Apr 25, 2010

dreams of an unchanging future,
a today like yesterday,
a tomorrow like today.
Fallen Rib
Is there any good free Word Processing software for personal use? Something better than WordPad?

Manky
Mar 20, 2007
Fun Shoe

Goodpancakes posted:

What are the best torrent programs these days? Is uTorrent still it, or should I use something different like qBittorrent or Transmission?

Deluge is my favorite, just slightly above qbittorrent and transmission in the "works exactly the way I want it to" and "never given me a problem" categories.

hooah
Feb 6, 2006
WTF?

Sinking Ship posted:

Is there any good free Word Processing software for personal use? Something better than WordPad?

OpenOffice or LibreOffice are pretty much it. I think OpenOffice isn't updated anymore maybe? I've been using LibreOffice for a few years and it's mostly fine, but occasionally it'll choke on a PowerPoint or math formula. You can just stick the problematic ones on your OneDrive and use the online viewer.

sunken fleet
Apr 25, 2010

dreams of an unchanging future,
a today like yesterday,
a tomorrow like today.
Fallen Rib

hooah posted:

OpenOffice or LibreOffice are pretty much it. I think OpenOffice isn't updated anymore maybe? I've been using LibreOffice for a few years and it's mostly fine, but occasionally it'll choke on a PowerPoint or math formula. You can just stick the problematic ones on your OneDrive and use the online viewer.

Thanks very much, that's just what I needed.

DrBouvenstein
Feb 28, 2007

I think I'm a doctor, but that doesn't make me a doctor. This fancy avatar does.
Not sure if this is the best thread for an Excel question, but I'll start here:

I do on-call work for my job, and we have the ultra high-tech method of payment that involves filling out an Excel spreadsheet, printing it, etc...

Despite the fact that I work for an IT company, no one before now had even turned it into a template. Everyone was just using their old saved version and filling in the new info.

I went ahead and made a blank template, but I'm wondering if I can make it a little more dynamic.

The section people frequently forget to change is the date that their on-call week starts. I know I can have a cell just be TODAY() and that works fine for the date at the bottom for the signature, but that won't work for the date the on-call started. I've changed the cells for each day (since we have to document all the calls for each day) to dynamically adjust to the correct date once that first date is entered, but that first Week Start date is often (like, half the time, according to the gal in payroll that they go to) not updated.

Is there a way to have a cell display the date that the most recent Friday* before today would be? So if I wanted to fill out the form today, it would autofill my "week start" date with 2/26. And even if I filled it out on Friday the 4th, I'd like it to not count THAT Friday and still populate it with 2/26, for example?

* Yes, our on call weeks start on Fridays...very annoying, especially since pay periods start on Sundays.

Max Peck
Oct 12, 2013

You know you're having a bad day when a Cylon ambush would improve it.

DrBouvenstein posted:

Is there a way to have a cell display the date that the most recent Friday* before today would be? So if I wanted to fill out the form today, it would autofill my "week start" date with 2/26. And even if I filled it out on Friday the 4th, I'd like it to not count THAT Friday and still populate it with 2/26, for example?

What date should be displayed if I fill out the form on Saturday the 5th?

If it should display 2/26, =TODAY()-WEEKDAY(TODAY())-1
If it should display 3/4, =TODAY()-MOD(WEEKDAY(TODAY()),7)-1
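The two formulas above, re-implemented in Python as an added example (not from the post) so the Friday and Saturday edge cases can be checked against the 2/26 and 3/4 dates in the question. It also includes a generalised "most recent weekday strictly before today" helper, which is my addition; for Friday it gives the same dates as the second formula.

```python
"""Added example: Excel's WEEKDAY() arithmetic from the post, in Python.
The two week-start formulas are the poster's; most_recent_weekday_before
is a generalisation added here."""
from datetime import date, timedelta


def excel_weekday(d: date) -> int:
    """Excel WEEKDAY() with the default return type: Sunday=1 ... Saturday=7."""
    return (d.weekday() + 1) % 7 + 1   # Python's weekday(): Monday=0 ... Sunday=6


def week_start_a(today: date) -> date:
    """=TODAY()-WEEKDAY(TODAY())-1  (Saturday the 5th still gives 2/26)."""
    return today - timedelta(days=excel_weekday(today) + 1)


def week_start_b(today: date) -> date:
    """=TODAY()-MOD(WEEKDAY(TODAY()),7)-1  (Saturday the 5th gives 3/4)."""
    return today - timedelta(days=excel_weekday(today) % 7 + 1)


def week_starts_for(iso_day: str) -> "tuple[str, str]":
    """Both formulas evaluated for one date, returned as ISO strings."""
    d = date.fromisoformat(iso_day)
    return week_start_a(d).isoformat(), week_start_b(d).isoformat()


def most_recent_weekday_before(iso_day: str, target: int) -> str:
    """General form (added here): latest date strictly before iso_day whose
    Excel weekday equals `target` (Friday = 6). Equals week_start_b for 6."""
    d = date.fromisoformat(iso_day)
    back = (excel_weekday(d) - target) % 7
    return (d - timedelta(days=back or 7)).isoformat()


if __name__ == "__main__":
    # Feb 28 2016 (the post date) is a Sunday; Mar 4 is Friday, Mar 5 Saturday
    for day in ("2016-02-28", "2016-03-04", "2016-03-05", "2016-03-06"):
        a, b = week_starts_for(day)
        print(day, "formula A ->", a, " formula B ->", b,
              " general ->", most_recent_weekday_before(day, 6))
```

Formula A subtracts the Excel weekday number plus one, so on a Saturday (WEEKDAY = 7) it jumps back eight days to the Friday before last; formula B reduces Saturday to 0 first, so it lands on yesterday. Both give 2/26 on Friday 3/4 itself, which is the "don't count THAT Friday" behaviour asked for.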
