<li>On the screen titled "Create Key," pick a strong password! We recommend the Diceware method, which creates passwords which are both strong and memorable. To use the Diceware method, you will need dice and this <a href="http://world.std.com/~reinhold/diceware.wordlist.asc">list of words</a>. Do not substitute computer dice for physical dice. Notice that each word on the word list corresponds to a unique five-digit number. Roll one die five times, or five dice once, then string the numbers on the dice dice together to create a five-digit number, and then look up the corresponding word.</li>
<li>Repeat this process until you have at least six words, separating each with a space and keeping them all lowercase. You'll end up with a password like "dog help people drive match ice." Don't rearrange or discard the words, because doing so makes the process much less secure.</li>
<li>Diceware passwords are hard to remember until you've typed them in a handful of times. Write down your password and keep it with you at all times until you've got it memorized. Then, destroy the piece of paper.</li>
- <li>If you don't have dice, pick a password which is at least twelve characters long, and includes at least one lower case and upper case letter and at least one number or punctuation symbol. Don't forget your password, or all of this work will be wasted!</li>
+ <li>If you don't have dice, pick a password which is at least twelve characters long, and includes at least one lower case and upper case letter and at least one number or punctuation symbol. Never pick a password you've used elsewhere. Don't use any recognizable patterns, such as birthdays, telephone numbers, pets' names, song lyrics, quotes from books, and so on. Don't forget your password, or all of this work will be wasted!</li>
</ul>
<p class="notes">The program will take a little while to finish the next step, the "Key Creation" screen. While you wait, do something else with your computer, like watching a movie or browsing the Web. The more you use the computer at this point, the faster the key creation will go.</p>
<p><span style="font-weight: bold;">When the "Key Generation Completed" screen pops up, select Generate Certificate and choose to save it in a safe place on your computer (we recommend making a folder called "Revocation Certificate" in your home folder and keeping it there). This step is essential for your email self-defense, as you'll learn more about in <a href="#section5">Section 5</a>.</span></p>
<p>Address the message to edward-en@fsf.org. Put at least one word (whatever you want) in the subject and body of the email. Don't send yet.</p>
-<p>There should be an icon of a yellow key in the bottom right of the composition window. This means that encryption is on, however, we want this first special message to Edward to be unencrypted. Click the key icon once to turn encryption off. The key should become grey, with a blue dot on it (to alert you that the setting has been changed from the default). Once encryption is off, hit Send.</p>
+<p>The lock icon in the top left should be yellow, meaning encryption is
+turned on. We want the this first special message to be unencrypted, so
+click the icon once to turn it off. The lock should become grey, with a
+blue dot on it (to alert you that the setting has been changed from the
+default). Once encryption is off, hit Send.</p>
<p class="notes">It may take two or three minutes for Edward to respond. In the meantime, you might want to skip ahead and check out the <a href="#section5">Use it Well</a> section of this guide. Once he's responded, head to the next step. From here on, you'll be doing just the same thing as when corresponding with a real person.</p>
projects / enc-live.git / commitdiff