Ask Leo! #548 – Knowledge is Power, Free isn’t Free, Conventional Wisdom may not be necessary, and more…

Leo's Blog

Knowledge is Power

Continue Reading: Knowledge is Power


Free is Not Free

I frequently get questions from folks who download some free software only to find out that it's not free at all, and they get quite upset at having been misled.

Except that they weren't misled. Not really. Had they read more closely, they would have realized that "free" wasn't really free at all.

That's not to say there aren't misleading advertisements out there – there are. But even the completely up-front and honest ones are sometimes easy to misunderstand.

So let's look at some variations of "free" that aren't really free at all.

Continue Reading: Free is Not Free

Why is there a slash through the https in my browser's address bar?

Sometimes when I'm on a secure website (https in the URL), I notice that the https has a slash through it, seemingly meaning the site is NOT secure. Is this true? And if so, why is it happening?

Https, which stands for secure http, is used instead of http to do two things: confirm the identity of the site you're connecting to, and keep your communications with that site secure by encrypting it all.

If something is wrong, the browser will often display a warning, but in some cases it will do nothing more than turn the https indicator red, or put a line through it.

Unfortunately, "something is wrong" can mean many things, ranging from a serious security issue to a benign oversight by the website's owner.

Continue Reading: Why is there a slash through the https in my browser's address bar?

Is a periodic password change a good thing?

I read many articles (including some on Ask Leo!) that recommend that people should change their passwords from time to time. But what is good practice in this respect? Should it be related to frequency of use? For instance, some passwords are used frequently, some less often, and some rarely. Or should it be related to the level of security needed? For instance, passwords for online banking are more sensitive than passwords for magazine subscriptions.

Good practice in a corporate environment seems to be to force network and other password changes every 30 days or so. This would seem to be overkill in the home environment as it could result in some accounts being accessed more often to change a password than to do anything else.

Unless you get into a good routine, like when you do data backups, password changes will only get done sporadically, if at all.

Do you have a view on how to build such a good routine?

As you say, routines for things like this are difficult to set up, and if not automated, they are easily forgotten. Automation may be the answer in many cases, but it's not always available – at least not in a convenient form.

But before we even get to that, I want to talk about the "you should change your password periodically" rule of thumb.

I disagree.

Continue Reading: Is a periodic password change a good thing?


The Ask Leo! Guide to Staying Safe on the Internet
You can use the internet safely!

Learn how to protect your computer, your data, your accounts,
and most of all, yourself!

All digital formats included.
The Ask Leo! Guide to Staying Safe on the Internet

Previous Issue

Glossary Term


YMMV is an acronym for Your Mileage May Vary. It's used to indicated that your experience with a product or service may be different than those being discussed. It might be more correctly referred to as "your results may vary".

YMMV derives from the automobile industry where promotions often include an estimated measure of fuel consumption. Since fuel consumption is so highly dependent on individual driving characteristics, the phrase "your mileage may vary" is typically included to set expectations. When it comes to automobile mileage claims it might be more correct to say "your mileage will almost certainly be less than what we've stated here".

In technology the acronym and phrase are used frequently simply to indicate that one person's results using a particular computer, service, or program may be very different than another's. Like automobiles, computer usage is highly dependant on the characteristics and usage pattern of each individual user.

Glossary Terms are featured selections from The Ask Leo! Glossary.
Have a term you'd like defined? Submit it here.

Featured Comments

Recover Your Microsoft Account Later by Setting Up a Recovery Code NOW

Chris Clayton writes:

I have just had a long and fruitless Chat with a Microsoft advisor who insisted there was no such thing as a Recovery code ---- he kept confusing it with the Product ID and then with activation and then the very temporary Security Code (which I have used many times when resetting my Microsoft account password}. Here is a directly copied quote:

'Recovery key and product key is the same.

Actually no such thing recovery key, we from Microsoft called it as Product key.

You seeking help where you can find a recovery or product to store for future use.' And so on. I thought you might be interested.

Leo writes:

They seem to have accounts and products confused. There's no such thing as a recovery code for a product (like Windows or Office). Make sure they understand that you're talking about an account.

Charliemv writes:

Other Microsoft type accounts that I use and need a recovery code are: Office 365 and OneDrive. I think the one Microsoft account ( that uses my email as account number, covers all my subaccounts and subscriptions. And I think the one recovery code I acquired will work with all of them. My only problem is finding out how to verify the recovery code I wrote down was the most current. I can't find a verify button.

Leo writes:

There is no verify. You can only create a new one and replace your old one. If you login to all those other services with the same email and password, then they are all the same, single, Microsoft account and the one recovery code would apply.

Why are internet petitions a bad idea?

jasmine writes:

Hello. I was just wondering what you would suggest as an alternative? I realize, like many other people, that most politicians will probably never look at the petitions that end up on their desks but what else can we do? Many of the problems that occur and many of the atrocities that we hear about are miles away from where most of us live. Petitions provide us a link towards these issues and you'll never really know if anything will come out of it unless you give it a try. I see your point about scams and all but there are trustworthy sites available. There are so many problems in America and worldwide: even if it is a losing battle isn't it still worth the try?

Leo writes:

I mentioned it in the article: write physical letters, pick up the phone and call them ... heck, schedule a visit to their office if it makes sense. In general the harder it is for you to it, the more of a commitment it represents, and the more seriously these folks should take it.

Leo's Books

Backing Up 101 Saved! - Backing Up with Macrium Reflect Saved! - Backing Up with Windows 7 Backup Saved! - Backing Up with Windows 8 Backup
Just Do This: Back Up! The Ask Leo! Guide to Internet Safety The Ask Leo! Guide to Routine Maintenance Maintaining Windows XP - A Practical Guide

More Ask Leo!

Facebook - YouTube - Google+ - Twitter
Amazon - GoodReads


Need more help with or have questions about the newsletter? Check out the newsletter administration page.

Help Ask Leo! Just forward this message, in its entirety (but without your unsubscribe link below) to your friends. Or, just point them at for their own FREE subscription!

Newsletter contents Copyright © 2015,
Leo A. Notenboom & Puget Sound Software, LLC.
Ask Leo! is a registered trademark ® of Puget Sound Software, LLC