How to use WhatsApp to send encrypted messages

How to use WhatsApp to send encrypted messages

If you have not tried WhatsApp Messenger, you’re missing out on encrypted, unlimited messages with images, video, and audio. Get up to speed on installing and using the app.

whatsapphero.jpg
Image: Jack Wallen

WhatsApp Messenger is an incredibly easy to use and popular mobile messaging system that is encrypted end-to-end for all users. One reason it’s popular is that the app allows users to exchange texts and media messages through their internet provider data plan or using Wi-Fi without having to pay for SMS.

The only caveat to using WhatsApp is that you can only message people who use WhatsApp. For instance, if your contacts are using Google Hangouts or their default messaging app, they won’t be able to communicate with you unless they install WhatsApp.

Here’s how to install and use WhatsApp Messenger on a Verizon-branded Nexus 6.

SEE: Tech Pro Research’s Mobile Device Policy

Installing WhatsApp Messenger

  1. Open the Google Play Store on your Android device.
  2. Search for whatsapp.
  3. Locate and tap the entry by WhatsApp Inc.
  4. Tap Install.
  5. Read the permissions listing.
  6. If the permissions listing is acceptable, tap Accept.

After the installation completes, you should see a launcher for WhatsApp Messenger in your App Drawer or on your home screen. Tap the launcher to fire up the application. The first time you use it, follow these steps.

  1. Agree to the EULA.
  2. Grant WhatsApp permission to access your contacts.
  3. Grant WhatsApp permission to access your photos, media, and files.
  4. Verify your phone number.
  5. Enter your device phone number and then tap the Send button. WhatsApp Messenger can automatically detect the verification code, so you don’t have to open your current messaging app to retrieve the digits.
  6. Grant WhatsApp permission to send and view SMS messages by tapping ALLOW when prompted. WhatsApp will finally detect the incoming verification code.
  7. Enter a name for your profile and tap NEXT.

Now you’re ready to begin using WhatsApp.

Using WhatsApp Messenger

From the main window (Figure A), tap the message icon, and all of your contacts who use WhatsApp Messenger will appear.

Figure A

Figure A
Image: Jack Wallen
The WhatsApp Messenger main window.

If you have contacts that are not using WhatsApp Messenger, tap the Contacts tab, scroll through to find the contact, and tap the INVITE button (Figure B).

Figure B

Figure B
Image: Jack Wallen
Inviting contacts to use WhatsApp Messenger.

Beyond that, using WhatsApp is as simple as using any other messaging app. You might want to check the ability to configure the media auto-download. With this feature (Menu | Settings | Data Usage), you can define what is automatically downloaded when using mobile data and when connected to Wi-Fi (Figure C).

Figure C

Figure C
Image: Jack Wallen
Defining what is downloaded by connection type.

To prevent anything from auto-downloading while using your data plan, uncheck Images for mobile data and check everything for Wi-Fi (Figure D).

Figure D

Figure D
Image: Jack Wallen
Enabling everything to auto-download when connected to Wi-Fi.

One of the best messaging apps

Give WhatsApp a try, and see if it doesn’t quickly wind up becoming your default messaging app — at least for contacts already using or willing to use it.

Posted in Cryptography, Privacy, Security | Tagged , , | Leave a comment

Petya ransomware decryption tool sets your files free

Petya ransomware decryption tool sets your files free

petya-ransomware-cracked

Successful ransomware families including CryptoWall, TeslaCrypt and Locky encrypt the data files on your hard drive and require you to pay a ransom to get the key to decrypt them.

But the Petya ransomware, which we wrote about recently, is somewhat different.

Petya leaves your files alone, but scrambles the Master File Table (MFT) of your C: drive so your computer can’t boot up Windows at all.

The bad news is, normally, the ransomware crooks do a good enough job with the cryptographic parts of the malware to make it all but impossible to break the encryption – and unless you have backups, you have little choice but to pay the ransom if you want your files back.

The good news is that you probably won’t get hit by Petya – this ransomware is pretty rare, according to SophosLabs statistics – but if you are one of the unlucky Petya victims, there’s good news for you, too.

You may not need to pay the ransom at all, because this time, the malware authors weren’t very careful and it’s possible to crack the encryption.

A researcher by the name of “Leo Stone” has figured out how to crack Petya’s encryption, and created a free online “Petya pay no ransom” tool you can use to generate the encryption key without paying.

Petya victims just need to enter some data strings from the affected disk into the online tool, and it uses an algorithm to generate the key, a process described in a GitHub post by leo-stone.

petya-pay-no-ransom-tool-720

You’ll need to attach your infected hard drive to another working computer to extract the necessary data (BleepingComputer has a step-by-step guide for the whole process).

After you enter the data in the tool, it spits out your key, which you next need to enter into the Petya ransom page on your infected computer.

How to prevent ransomware

It’s good news that Petya was relatively easy to crack, but the truth is, today’s ransomware mostly avoids this kind of mistake.

Prevention is far better than a cure, so here are some tips you can use to protect yourself against ransomware.

1. Back up your files regularly and keep a recent backup off-site.

Backups can protect your data against more than just ransomware: theft, fire, flood or accidental deletion all have the same effect. Make sure you encrypt the backed up data so only you can restore it.

2. Don’t enable macros.

A lot of ransomware is distributed in Office documents that trick you into enabling macros. Microsoft has just released a new tool in Office 2016 that can limit the functionality of macros by preventing you from enabling them on documents downloaded from the internet.

3. Consider using Microsoft Office viewers.

They allow you to see what a Word or Excel document looks like without macros. The viewers don’t support macros so you can’t enable them by mistake, either.

4. Be very careful about opening unsolicited attachments.

Most Windows ransomware in recent months has been embedded in documents distributed as email attachments.

5. Don’t give yourself more login power than necessary.

Don’t stay logged in as an administrator any longer than necessary. Avoid browsing, opening documents or other regular work activities while logged in as administrator.

6. Patch, patch, patch.

Malware often relies on bugs in software and applications. When you apply security patches, you give the cybercriminals fewer options for infecting you with ransomware.

7. Train and retrain employees in your business.

Your users can be your weakest link if you don’t teach them how to avoid booby-trapped documents and malicious emails.

8. Segment the company network.

Separate functional areas with a firewall, e.g., the client and server networks, so systems and services can only be accessed if really necessary.

Learn more about how to prevent ransomware

Sophos experts have created a free guide explaining How to stay protected against ransomware.


Image of broken chain courtesy of Shutterstock.com.

Posted in Cryptography, Education, Security | Tagged | Leave a comment

The Accessories Folder in Windows 10 Is a Useful Hidden Gem

The Accessories Folder in Windows 10 Is a Useful Hidden Gem

 

http://www.makeuseof.com/tag/the-accessories-folder-in-windows-10-is-a-useful-hidden-gem/

In Windows 10, the beloved Accessories folder is a little harder to find than it was in the old days. It used to be front and center in the Start menu, always ready to provide you with access to the default Windows tools like Paint, Notepad, Run, and so on.

It’s easy to get confused and think the folder has disappeared along with some other features of older versions of Windows, but it’s still very much alive and kicking, you just need to know where to find it!

First, click the Start menu. Next, click the All Apps button the very bottom. From here, you’ll probably notice the things listed under A, and you’ll see that Accessories isn’t there. That’s because the folder is now called Windows Accessories!

screenshot_30

Scroll down to W (or click the 0-9 on the top off the screen, then select W), and you’ll see Windows Accessories listed right there. Click it, and all the tools you know and love will be there.

What are the tools in the Windows 10 Accessories folder, you ask? You’ll still find Paint, Notepad, Windows Journal, Step Counter, Wordpad, Clipping Tool, and all kinds of tools.

If getting to the Accessories folder for a tool you use frequently, don’t forget that you can pin the ones you use the most to the Start Menu (here’s how).

Posted in Microsoft, Windows 10 | Tagged , | Leave a comment

Windows 10 Tip: Remove the Built-in Apps

Thurrott.com |

Posted on February 10, 2016 by Paul Thurrott

https://www.thurrott.com/windows/windows-10/64488/windows-10-tip-remove-built-in-apps

 

Windows 10 Tip: Remove the Built-in Apps

Windows 10 prevents you from easily uninstalling some of its core built-in apps. But you don’t have to be a rocket scientist to get them off your PC. Here’s the easiest way to do so.

As you may know, you can easily uninstall some of the apps that come with Windows 10 (or, worse, bundled with your PC from the hardware maker). Just right-click them in the Start menu and choose Uninstall from the pop-up menu that appears. Seriously, who on earth needs or wants 3D Builder?

uninstall-menu

The problem, of course, is that many built-in Windows 10 apps cannot be uninstall this way. If you right-click Mail, Photos, Groove, and many other built-in apps, the Uninstall option does not appear.

nope

Fortunately, you can in fact remove any of the built-in Windows 10 apps. You just need to know the trick.

And no, it’s not by using PowerShell. I’ve seen plenty of tips out there for removing the built-in Windows 10 apps with this power-user/developer feature, but come on. That’s like using a sledgehammer to kill a fly. Instead, you can remove these apps much more easily: By using the free CCleaner utility.

To do so, just navigate to Tools, Uninstall in CCleaner and choose the app(s) you wish to uninstall.

ccleaner

The nice thing about this process is that (with the one exception noted below), you can always reinstall any uninstalled app from the Windows Store. So this tip is useful for those who are experiencing an app issue and simply want to reinstall the app as well.

Just one word of warning: Do NOT uninstall the Store app. If you do, the only easy way to get it back is to reinstall Windows 10 over itself. Or, yes, you could use … sigh … PowerShell. :

 

Posted in Microsoft, Windows 10 | Tagged , | Leave a comment

Restoring files from Windows 10’s File History

The File History tool in Windows 10 lets you restore your files if they’re corrupted or inadvertently deleted. Here’s the most straightforward way to handle the task.

http://www.techrepublic.com/article/restoring-files-from-windows-10s-file-history/?tag=nl.e064&s_cid=e064&ttag=e064&ftag=TREe331754
hero
Image: iStockphoto.com/bernie_photo

In my last article, I showed you how to enable and configure File History from the new Windows 10 user interface and how to create a backup. As I explained, once your initial backup is complete, File History will monitor all the files and folders you chose and back up any files you change.

Of course, the ultimate goal of File History is to be able to restore files that have been corrupted or inadvertently deleted. There are three places that you can begin a restore operation in Windows 10; however, they all perform the same basic operation. For the sake of expediency, I’ll cover only one of them in detail, since it is the easiest to find and makes the most sense. Let’s take a closer look.

Initiating a restore operation

You can launch a File History restore operation by accessing a file’s Properties page and using the controls on the Previous Versions tab. Alternatively, you can launch the File History tool and navigate to the Restore command at the bottom of the Backup Options page. But neither of these methods is as intuitive as launching the restore operation from within File Explorer, so that’s the approach we’ll take.

To get started, select the Home tab and go to the Open section. There you’ll see the History button, shown in Figure A. When you click this button, File History will launch in restore mode.

Figure A

Figure AFigure A
You can launch a restore operation from within File Explorer.

Restoring versions of a file

Let’s say you edited a file but now want to revert to a version before you made the changes. To perform this type of a restore operation, select the file in File Explorer and then click the History button. File History will open the most recent backup copy of the file in a preview mode, as shown in Figure B.

Figure B

Figure BFigure B
Clicking History opens a preview of the selected file.

At the top of this window is the Address bar, which displays the path and name of the file. Directly below the Address bar, you’ll see information about the most recent version of the File History backup. In this case, the backup of this file is from December 10, 2015, at 7:37 PM and it’s version 4 of 4. To the left is the outline of the previous version. You can scroll through all the available versions by using the Previous and Next buttons at the bottom of the screen.

As you do, you can scan through the various versions of the file’s contents in the preview window. Once you locate the version you want to restore, just click the green Restore button. File History will then prompt you for the next step, as shown in Figure C.

Figure C

Figure CFigure C
The Replace Or Skip Files dialog offers these options.

The default choice is Replace The File In The Destination. If you want to double-check before proceeding, select Compare Info For Both Files. This will open a File Conflict dialog like the one shown in Figure D. You can select both files, which will append a number to the copied file’s name, then decide later which one you want to keep.

Figure D

Figure DFigure D
The File Conflict dialog will allow you to keep both files.

If you click Skip This File, File History will automatically restore the next file. This seems like an odd behavior and might just be a bug that slipped through. Even so, if it turns out that isn’t the version that you want, you can always repeat the restore operation, as the file is still a part of the backup. In other words, you can restore a version of a file multiple times if you want or need to.

You’ll also notice the cog icon in the upper-right corner of the window. Clicking the icon and choosing Restore To will open the Restore To dialog. Here you can select another location on your hard disk to restore the file, as shown in Figure E. This option also allows you to have two versions of the file so you can decide later which one to keep.

Figure E

Figure EFigure E
You can restore the file to another location on your hard disk.

Regardless of which restore options you choose, you’ll see a copy operation progress dialog box complete with a graph. When the operation is complete, the folder containing the restored file will open.

Restoring individual files

Another situation where you might want to perform a restore operation from File History is when an individual file, or group of files, has been accidentally deleted. Or maybe you intentionally deleted the file and now wish you hadn’t.

To restore a deleted file, open the folder where the file used to be and click the History button. File History will display all the files contained in the most recent backup of that folder, as shown in Figure F. You can then use the Previous button to locate the file.

Figure F

Figure FFigure F
When restoring a deleted file, select the folder where the file used to be. File History will show you all the files contained in the most recent backup of that folder.

Once you locate the file you want to restore, select it and click the green Restore button. File History will display a copy operation progress dialog box and restore the deleted file. Again, when the operation is complete, the folder containing the restored file will open.

The operation is the same for restoring a deleted folder.

Restoring after a hard disk crash

If you have a major hard disk failure, you can use File History to restore the most recent versions of all your files. Once you have Windows 10 installed on your new hard disk, reconnect your external hard disk and launch File History.

To do so, access Settings from the Start menu or from the Action Center, select the Upgrade & Security tile in the Settings window, and select the Backup tab. On the Back Up Using File History page, click the Add A Drive button. Windows 10 will then search for and prompt you to select a drive. When you select the drive containing your backup, File History will recognize that it already contains a set of files. You can begin the restore operation using the steps I explained above for restoring individual files and folders.

About Greg Shultz

Greg Shultz is a freelance Technical Writer. Previously, he has worked as Documentation Specialist in the software industry, a Technical Support Specialist in educational industry, and a Technical Journalist in the computer publishing industry.

Posted in Windows 10 | Tagged , , | Leave a comment

Don’t Be a Victim of Tax Refund Fraud in ’16

KrebsonSecurity

Don’t Be a Victim of Tax Refund Fraud in ’16

https://krebsonsecurity.com/2015/12/dont-be-a-victim-of-tax-refund-fraud-in-16/

December 14 2015

With little more than a month to go before the start of the 2016 tax filing season, the IRS and the states are hunkering down for an expected slugfest with identity thieves who make a living requesting fraudulent tax refunds on behalf of victims. Here’s what you need to know going into January to protect you and your family.

The Growing Tax Fraud MenaceThe good news is that the states and Uncle Sam have got a whole new bag of technological tricks up their sleeves this coming tax season. The bad news is ID thieves are already testing those defenses, and will be working against a financially strapped federal agency that’s been forced to cede much of its ability to investigate and prosecute such crimes.

Tax refund fraud affects hundreds of thousands, if not millions, of U.S. citizens annually. Victims usually first learn of the crime after having their returns rejected because scammers beat them to it. Even those who are not required to file a return can be victims of refund fraud, as can those who are not actually due a refund from the IRS.

By all accounts, the IRS has improved at blocking phony refund requests. The agency estimates it prevented $24.2 billion in fraudulent identity theft refunds in 2013. Trouble is, it actually paid out some $5.8 billion in fraudulent refunds that year that it later determined were bogus, and experts say that is only the fraud the agency knows about, and the true number is likely much higher annually.

Perhaps in response to the IRS’s increasing ability to separate phony returns from legitimate ones, crooks last year massively focused on filing bogus refund requests with the 50 U.S states. To head off a recurrence of that trend in the 2016 filing season, the states and the IRS have hammered out an agreement to examine more than 20 new data elements collected by online providers like TurboTax and H&R Block.

Those new data elements include checking for the repetitive use of the same Internet address to rapidly file multiple returns, and reviewing computer device information (browser user agent string, cookies e.g.) tied to the return’s origin. Another check involves measuring the time it takes to file a return; fraudsters involved in tax refund fraud tend to breeze through returns in just a few minutes because they are generally copying and pasting information into the tax forms, or relying on an automated program to do it for them.

The hope is that the these new checks will let investigators more accurately flag suspicious refund requests processed by tax preparation firms, which also have agreed to beef up lax security around customer accounts. Under the agreement, online providers will enforce:

  • new password standards to include a minimum of eight characters, with upper, lowercase, alphanumerical and special characters;
  • a lock-out feature that blocks users with too many unsuccessful login attempts;
  • the addition of three security questions;
  • some sort of out-of-band verification for email addresses — sending an email or text to the customer with a personal identification number (PIN).

Julie Magee, Alabama’s chief tax administrator, said the state/IRS task force opted not to disclose all 20 of the data elements they will be collecting from tax prep firms.

“The thieves are going to figure these out on their own, and they’re already testing our defenses,” Magee told KrebsOnSecurity. “We don’t want to do anything to make that easier for them.”

ANALYSIS

Whether or not we see an increase in tax refund fraud next year, one thing seems certain: the IRS will prosecute far fewer of the crooks involved. Congress has persistently underfunded the IRS, and budget cuts have pushed prosecutions of identity thieves to a new low. According to the IRS’s 2015 Annual Report, IRS identity theft criminal investigations are down almost 50 percent since 2013.

irs-idtheftprosecutions13-15

Tax fraudsters were so aggressive last year that they actually figured out how to steal consumer identities directly from the agency itself. In August 2015, the IRS disclosed that crooks abused the “Get Transcript” feature on its Web site to steal Social Security numbers and information from previous years’ tax filings on more than 334,000 Americans.

The IRS has responded to the problem of tax ID theft partly by offering Identity Protection PINs (IP PINs) to affected taxpayers that must be supplied on the following year’s tax application before the IRS will accept the return. However, consumers still have to request an IP PIN by applying for one at the agency’s site, or by mailing in form 14039 (PDF).

Incredibly, the process that thieves abused to steal tax transcripts from 334,000 taxpayers this year from the IRS’s site also works to fraudulently obtain a consumer’s IP PIN. In fact, the following redacted screen shot from a notorious cybercrime forum shows a seasoned tax fraudster teaching would-be scammers how to use the IRS’s site to obtain a victim’s IP PIN.

ippin

Both the Get Transcript and the process to retrieve an IP PIN from the IRS’s site are vulnerable because they rely on the applicant supplying static information that is trivial for thieves to obtain, including the taxpayer’s name, date of birth, Social Security number and filing status. After that data is successfully supplied, the IRS uses a service from credit bureau Equifax that asks four so-called “knowledge-based authentication” (KBA) questions.

These KBA questions — which involve multiple choice, “out of wallet” questions such as previous address, loan amounts and dates — can be successfully enumerated with random guessing, but much of the data is readily available via free online social networking and consumer tracking services like Spokeo.

If any readers here doubt how easy it is to buy personal data on just about anyone, check out the story I wrote in December 2014, wherein I was able to find the name, address, Social Security number, previous address and phone number on all current members of the U.S. Senate Commerce Committee. This information is no longer secret (nor are the answers to KBA-based questions), and we are all made vulnerable to identity theft as long as institutions continue to rely on static information as authenticators.

My guess is that a huge chunk of 334,000 victimized via the IRS’s site this year probably will not request the IP PIN and will in fact have fraudulent tax returns filed with their info — whether they request the IP PIN and it is stolen or not. The IRS should just issue the IP PINs to affected taxpayers, instead of asking victims to do it themselves.

Incidentally, the IRS’s Twitter account is still promoting the online Get Transcript capability, even though it no longer offers the service online. For now, the only way to obtain a transcript is via snail mail.

IRS's Twitter account urging followers to use a service that hasn't been available for months.

DON’T BE THE NEXT VICTIM

In notifying 334,000 taxpayers affected by its Get Transcript debacle, the IRS predictably offered victims free credit monitoring services from Equifax. The IRS makes no mention of a more effective way to block ID thieves: Placing a “security freeze” on one’s credit files with the major credit bureaus. See this tutorial about why freezes are more effective than credit monitoring in blocking ID thieves from assuming your identity to open up new lines of credit.

While it’s true that having a security freeze on your credit file won’t stop thieves from committing tax refund fraud in your name, it would stop them from fraudulently obtaining your IP PIN. Also, anyone who has a freeze in place will need to temporarily lift that freeze to take advantage of any credit monitoring services (in this case, the consumer would need to briefly thaw a freeze at Equifax).

-File before the fraudsters do it for you – Your primary defense against becoming the next victim is to file your taxes at the state and federal level as quickly as possible after the 2016 Tax Filing Season begins — which is usually the second or third week in January. Remember, it doesn’t matter whether or not the IRS owes you money: Thieves can still try to impersonate you and claim that they do, leaving you to sort out the mess with the IRS later.

-Get on a schedule to request a free copy of your credit report. By law, consumers are entitled to a free copy of their report from each of the major bureaus once a year. Put it on your calendar to request a copy of your file every three to four months, each time from a different credit bureau. Dispute any unauthorized or suspicious activity. This is where credit monitoring services are useful: Part of their service is to help you sort this out with the credit bureaus, so if you’re signed up for credit monitoring make them do the hard work for you.

Monitor, then freeze. Take advantage of any free credit monitoring available to you, and then freeze your credit file with the four major bureaus. Instructions for doing that are here.

-File form 14039 and request an IP PIN from the government. This form requires consumers to state they believe they’re likely to be victims of identity fraud. Even if thieves haven’t tried to file your taxes for you yet, virtually all Americans have been touched by incidents that could lead to ID theft — even if we just look at breaches announced in the past year alone.

FIGHT BACK

Thieves involved in tax return fraud may be laughing all the way to the bank, but that doesn’t mean we have to suck it up and take it: Exercise your rights to obtain a copy of the phony return, and you may just help put crooks in jail.

If you become of the victim of tax fraud and are motivated to learn who helped to defraud you and Uncle Sam, you can file form 4506 (plus a $50 fee) to get a copy of the return. That information can be shared with your local police, who may be able to use to track down people who help launder the proceeds from tax refund fraud.

Earlier this year, I wrote about Isha Sesay, a Pennsylvania woman who was arrested for receiving phony IRS refunds on behalf of at least two tax fraud victims. Among Sesay’s victims was resident Mike Kasper, whose request for the filing led to Sesay’s arrest. Kasper’s hard work helped expose the IRS’s pervasive authentication weaknesses and later testified to Congress about his ordeal. Sesay is currently scheduled to plead guilty (PDF) to the charges on Dec. 18.

Turns out, Kasper’s sleuthing was key to Sesay’s prosecution. When he found out he’d been victimized, Kasper requested the copy of returns that fraudsters filed in his name, but he did so before filing form 14039 to request an IP PIN.  Had he done it in the opposite order, the IRS would have redacted all of Ms. Sesay personal and financial information.

Poughkeepsie, NY victim Michael Kasper testifying before the Senate Homeland Security Committee in June 2015.

In testimony before the Senate this year, IRS Commissioner John Koskinen explained the reasoning behind that decision: A fraudulent return could include the personal information of other people. The end result is that it is better to file from 4506 and pay $50 to request a photocopy of the fraudulent return before you file form 14039 to formally report the fraud.

“There is a section 6103 of the US code that imposes stiff criminal penalties for sharing tax return information  and the IRS’s tortured view of reality interprets this law, which is intended to protect personal information, so that once you report fraud and they know some information on the return might not be yours, they believe it is against the law for them to ever share that information with you,” Kasper said.

“As a result, when they recently created the process above for victims to get a copy of the fraudulent tax returns filed in their name, the IRS decided they need to redact any personal info that could possibly belong to a criminal,” Kasper continued. “They do everything they can to protect the privacy of the criminal who already violated your privacy. You actually lose all of your rights once you report the crime so it’s better to wait.”

 

 

Posted in Blogs, Privacy, Security, Uncategorized | Tagged | Leave a comment

Protect your data files with Windows 10’s enhanced File History tool

Protect your data files with Windows 10’s enhanced File History tool

Windows 10 offers an improved version of the File History tool. Here’s a rundown of how it works, configuration tips, and a walk-through of the new features.

hero
Image: iStockphoto.com/doguhakan

Everyone knows it’s important to regularly back up the data on their computer’s hard disk. But knowing it is one thing; doing it is another. Fortunately, Windows 10 comes with a tool called File History that makes backing up and restoring files as easy as 1-2-3.

File History isn’t new to Windows 10; it was included in Windows 8.x as well. However, this version comes with an enhanced user interface and several new capabilities that offer definite improvements over its predecessor.

In this article, I’ll show you how to enable File History from the new user interface and how to configure it. As I do, I’ll explain how File History works and tell you about the new features in Windows 10.

How it works

Before I show you how to set up and configure File History, let me describe how it works. When you have everything in place, File History will back up all the files and folders you choose. Once the initial backup operation is complete, File History will go into a stealth monitoring mode, where it looks for changes to files. When a file is changed, File History records those changes while keeping track of the original version of the file.

This means that in addition to being able to restore the whole file in the event of corruption or accidental deletion, you can revert a file to a previous state after making changes to it. More specifically, if you make changes to a document and then later regret it, File History will allow you to roll back to an earlier version of the file.

To perform this feat, File History takes advantage of a feature built into the NTFS file system called the change journal. Essentially, when any change is made to a file or folder on your hard disk, the change journal is updated with a description of the change and the name of the file or folder. So to determine which files need to be backed up, File History simply consults the NTFS change journal. Using the change journal is fast and efficient and won’t suck up tons of system resources like running a conventional backup routine does.

File History has some other cool efficiency features up its sleeve as well. If the device configured as the backup location becomes unavailable, such as when a USB cable is disconnected or the network goes down for maintenance, File History will continue to do its job by saving the copies to a cache on the local drive. Once the backup location becomes available again, the cached contents are transferred to that location and removed from the local drive.

In addition, File History is sensitive to resource utilization. In other words, if File History is running and some other task needs the same system resources, File History will automatically back off and go into an idle state as it waits for the other task to finish before it resumes.

File History is also aware of activity related to mobile computing, such as whether a device is running on AC or battery power and whether the system has gone into Sleep mode, and it will adjust accordingly so as not to interfere with power-saving features.

A backup drive

To begin with, you’re going to need a place for File History to back up your data. File History can work with an external hard disk or a specially configured share on a network.

You can find 1TB and 2TB external hard disks in both brick-and-mortar and online computer stores for under $100. For example, at the time of this writing, you could pick up a Seagate 1TB external USB hard drive at Best Buy for $59.99 or a Western Digital 1TB external USB hard drive on Amazon Prime for $53.99.

For this article, I’m using a Seagate FreeAgent GoFlex Desk 1 TB USB 3.0 External Hard Drive, which I picked up Best Buy several years ago.

Getting started

To get started using The Windows 10 version of File History, access Settings from the Start menu or from the Action Center. (Keep in mind that the Windows 8 version still exists in Windows 10 in the Control Panel.)

Once you have the Settings window open, select the Upgrade & Security tile. Then, select the Backup tab to open the Back Up Using File History page, shown in Figure A.

Figure A

Figure
You’ll get started with File History on the Update & Security>Backup tab in Settings.

Now, click the Add A Drive button. Windows 10 will search for a drive and then prompt you to select a drive, as shown in Figure B.

Figure B

Figure B
After you have connected your external hard disk, click the Add A Drive button.

After you select that drive, File History is turned on and ready to back up your files automatically, as shown in Figure C. (You may have to close the Settings window and return to the Backup tab before you see that File History is turned on.)

Figure C

Figure C
After you select a drive, File History is turned on and ready to back up your files.

At this point, you’ll need to configure how you want File History to work.

Configuring File History

To configure File History, click the More options link to display the Backup Options page, shown in Figure D. The Overview section indicates that the initial backup hasn’t yet begun. But before you click the Back Up Now button, you should investigate the configuration options.

Figure D

Figure D
Before you click Back Up Now, check out File History’s configuration options.

By default, File History will check the change journal every hour and back up any files that have been altered. However, the Back Up My Files dropdown menu allows you to change that frequency. You can choose a setting from every 10 minutes to once a day. You can also change how long you want File History to maintain backup versions. While the default setting is Forever, you choose anywhere from one month to Until Space Is Needed. The composite image in Figure E shows both menus.

Figure E

Figure E
You can change how often File History looks for changes as well as how long it should keep versions of your files.

If you stick with the Forever setting and the hard drive that you are using fills up, you will have to manually initiate a cleanup operation from the Control Panel version of File History. If you select Until Space Is Needed, File History will automatically remove the oldest versions of the files it’s monitoring when hard disk space gets low. If you select one of the timeframe settings, File History will automatically remove the oldest versions when that time setting elapses for the files it’s monitoring.

The next section, Back Up These Folders, shows you a list of all the folders File History is configured to back up and monitor. By default this will be all the folders in your user account folder (e.g., C:\Users\yourname\). This includes Documents, Music, Pictures, and Videos, as well Contacts, Favorites, Downloads, and any files on your Desktop. If you’re using OneDrive, File history will also back up your OneDrive folders.

In the Windows 8 version of File History, you can back up only the files and folders that were in your user account folder. The new Windows 10 version of File History will allow you to back up other local folders by using the Add A Folder button. If you want to remove a folder from the Back Up These Folders list, just select the item and click the Remove button. Figure F shows these features.

Figure F

Figure F
You can add and remove folders from the Windows 10 File History interface.

At the bottom of the page, you’ll find the Exclude These Folders and the Back Up To A Different Drive sections, shown in Figure G. When you select a folder, any subfolders underneath it will be backed up too. If there are files in a subfolder you don’t want to back up, just use the Exclude These Folders button. If at a later date you want to back up to a different drive, you will need to use the Stop Using Drive button. Then you can go back to the main page and use the Add A Drive button to select the one you want.

Figure G

Figure G
You can exclude specific folders and change the backup drive.

Making your backup

Once you are finished configuring File History, return to the top of the page and click the Back Up Now button. File History will display the size of the backup and indicate that your files are being backed up. It will also let you know when the backup is complete. Figure H shows both of these states.

Figure H

Figure H
File History provides pertinent information while the backup is running and when it is complete.

When your initial backup is complete, just close the Settings window. From this point forward, File History will monitor all the files and folders you have chosen and back up any files that you change.

About Greg Shultz

Greg Shultz is a freelance Technical Writer. Previously, he has worked as Documentation Specialist in the software industry, a Technical Support Specialist in educational industry, and a Technical Journalist in the computer publishing industry.

Posted in Blogs, Microsoft, Windows 10 | Tagged , , , | Leave a comment