A reader named Eric found himself locked out of his Vista administrator accounts:
"Somehow, my account and my son's accounts were downgraded to standard user on his new computer using Vista Home 32-bit. I cannot seem to log in to make any changes to the accounts now. It prompts me to enter a password but no password box is available to type it in. How can I log in to change my account back to administrator?"
In a post last year, I described how to enable Vista's hidden administrator account and password-protect XP's default administrator account. Of course, this tip works only if you use it before you actually need it because it requires administrator privileges.
I found another approach described by Microsoft MVP Ronnie Vernon on the Soft32 forum. Here it is in a nutshell:
• Restart your PC and press F8 repeatedly before Windows loads to open Vista's Advanced Boot Options screen.
• Use the arrow keys to select Safe Mode and press Enter.
• On the low-res Windows Welcome screen, choose the Administrator account, which by default has no password.
• click Start > Control Panel > User Accounts and either change your standard account to an administrator one or create a new administrator account.
When you restart the machine normally, you'll have access to the administrator account you just restored or created. (Note that I wasn't able to verify this tip because I'm not willing to risk losing the administrator accounts on my Vista PC just to test it.)
Gmail encrypts transmissions, not messages
Another reader named Ian contacted me about some misinformation in a post from last month entitled "Five simple PC security tips":
"In this article, you refer to 'encrypting Gmail' where you urge people to turn on the https: feature when using Gmail. Technically, while any e-mail read/written is encrypted in transit between your browser and Gmail's server, the e-mail is nevertheless still stored in the clear.
"Perhaps you could clarify the wording somewhat so people might potentially avoid interpreting your remarks so as to conclude that their stored e-mail is somehow encrypted on Gmail's servers."
Right you are, Ian, which is why you want to think twice about storing confidential information on Google's servers or any other Web servers that don't support encryption. Google is reportedly considering changing Gmail to default to encrypted sign-ins, as explained by Brian Krebs on his security blog earlier this week.
This doesn't affect your stored messages, however, nor the files you share via Google Docs & Spreadsheets, nor any of your other personal data accessible through Google free services. That's the best reason I know not to keep any sensitive information in Gmail or any other Google app.
In a future post, I'll describe secure online services. You can bet none of them will have "Google" in their name.