503 – OneDrive Personal Vault

clip_image001A previously-announced capability of OneDrive has been widely rolling out – the Personal Vault. This is a special area of your OneDrive Personal storage which is invisible until you choose to unlock it, using a second strong factor of authentication (such as 2FA and the Microsoft Authenticator mobile app). On a mobile device, you can use a PIN, fingerprint or facial recognition to provide the additional identity verification.

clip_image003When you unlock the Personal Vault from the OneDrive app on your PC (eg. right-click on OneDrive’s white cloud icon in your system tray), it appears as a special folder clip_image004under the root of your personal OneDrive folder list, on PCs where your OneDrive content is synchronised.

Browsing in your OneDrive data folder, you may need to enable Hidden Items in the View tab to even see it.

You can treat it like any other folder, adding files and other folders that are particularly sensitive – scans of important but infrequently-accessed documents like passports, driving licenses and so on.

Why infrequently accessed, you may ask?

clip_image006When the PV is visible, it will re-lock after 20 minutes of inactivity (or can be locked manually) and would need another 2-factor authentication method to unlock it again (text message, phone-app approval etc). On the PC, when the PV is locked, the “Personal Vault” folder (and therefore everything under it) is completely hidden and therefore any files within it do not exist as far as Windows is concerned.

clip_image008In fact, the PV isn’t just a hidden folder – it’s treated by Windows as another physical volume that is mounted on the PC for the duration of it being unlocked; a Junction is then created so it can be accessed as if it’s part of your OneDrive data folder. When the PV is locked again, the volume is clip_image010dismounted and the junction disappears, so there is no way to access the data using the normal file system.

If you had a file in your now-locked PV that you tried to access from clip_image012the most-recently-used files list in either Windows itself or within an appclip_image014, you’ll get a jarring “file does not exist” type error rather than a prompt to unlock the PV and the file within.

Maybe apps will in time come to know that a file is in PV, and prompt the user to unlock before opening?

Then again, security through obscurity (the most sophisticated form of protection, right?) might be a good thing here; when the PV is locked, there is no such folder therefore no apps can get access to it without the user taking specific and separate action to unlock it first. Not being seen is indeed a useful tactic.

clip_image016Personal Vault can be accessed from the PCs or mobile devices through the OneDrive app, or in a browser – at onedrive.com. No Mac support is planned.

Unlike in the PC scenario, the PV folder is always shown and indicates if it’s open or locked based on the icon.

The Web UI offers other help and advice about how to use the Personal Vault effectively.

clip_image017

OneDrive on PC – Setup error 0x8031002c

clip_image019Enabling Personal Vault for the first time might throw an error if your PC is corporately managed with a BitLocker policy.

To work around this and get up and running, try:

  • Press WindowsKey and type Group Policy, then open the Edit group policy control panel (if you don’t see this or get an error, try running mmc from a WinKey+R prompt, then File | Add/remove Snap-in | Group Policy Object… | clip_image021Add | Local Computer | Finish | OK)
  • Expand to the Computer Configuration | Administrative Templates | Windows Components | BitLocker Drive Encryption | Fixed Data Drives node
  • Double-click on the Choose how BitLocker… setting and update it to Disabled then hit OK
    clip_image022
  • Press WindowsKey+R and type cmd then hold SHIFT+CTRL when pressing ENTER, to run the command prompt with administrative rights
  • In the ensuing command prompt enter gpupdate /force and, assuming everything runs without blowing up, you can close the command & Group Policy windows down and try enabling Personal Vault again.

Tip o’ the Week 486 – Cloud Storage Bonanza

clip_image002Microsoft’s OneDrive end-user cloud storage system was in the news this week, as plans were unveiled to allow people to buy more storage space than was previously available. The tl;dr version of this is that in addition to your free 5GB of storage when you sign up for OneDrive, you can opt in to buy an additional block of 50GB for $1.99 a month. Now, you’ll get 100GB for the same amount, and Office 365 users will soon be able to buy even more.

clip_image003If you visit the OneDrive.com site and sign in, you’ll see the total space being used in the lower left, and have the option of upgrading your service – but it’s pretty clear that Microsoft doesn’t want you to buy OneDrive storage on its own… in a Tarrantesque “We don’t want to give you that!” move, you’d need to click through

several “are you sure you don’t want Office 365 instead?” type dialogs.

The best way to get clip_image005additional OneDrive storage is indeed to get Office 365 Personal, if you only need one account – and for your $70 / £60 per year, you get 1TB of storage plus all the additional awesomeness of Office 365 for your home delight.

An even better solution would be to fork out an extra $30 / £20 per annum to get up to 6 accounts; even if you don’t plan on sharing O365 with your extended family, you could set up separate accounts for different purposes – eg if you want to backup all your movie files from a home NAS, that could be a separate login to your primary one, or if you store RAW format images you could keep them in one OneDrive login while enjoying your processed photos in your regular account.

If you really need more than 1TB per login, Office 365 will soon let you buy addon storage, so for $2 per month more, you can add storage in 200GB blocks, all the way up to an additional 1TB for an extra $9.99 per month.

Online commenters have already pointed out that you could buy 2TB of storage outright from Google for $10/month without first needing to have an Office 365 subscription, but let’s get distracted by that.

Tip o’ the Week 483 – mobile OCR and Office

clip_image002Optical Character Recognition is one of those technologies which has gone from being just-about-possible at great expense and hassle, to so mainstream that people just assume it will work flawlessly, all in a relatively few years. Numerous companies offer OCR services or addins to line-of-business systems which help to prepare printed data for easier consumption – scanning invoices for example.

clip_image004Consumers tend to use OCR in other ways; combined with language translation, you can point your phone at a foreign menu or sign and it may be able to help you understand. clip_image006In OneNote, if you have captured an image (maybe through the clipper addin from your browser), then it can extract the text from that picture – not always perfectly, and not necessarily well-formatted, but it’s probably quicker than re-typing everything.

Near OCR functionality is also pervading the slew of freely available Office apps for Android tablets, phones and even Chromebooks, and similar versions for iPad and iPhone.

A recent addition to the iOS version of Excel is the ability to scan a table of printed data and use OCR plus a bit of tweaking, to import the data into the spreadsheet. See more here. The same functionality was first made available on Android a couple of months earlier

clip_image001Start with the grid capture icon on the toolbar of a new spreadsheet, and then use the camera to highlight the area of a document that you’re interested in – the UI will be familiar to anyone who uses Office Lens, as the same anti-skewing technology is used to prepare the “document” for importing.

clip_image007clip_image008clip_image009

Then the OCR goes to work and tries to lay out the data as closely as possible to its source – obviously, your accuracy will be improved by having a well-lit and clear original document, and you’ll get to tweak the contents in context of seeing the OCR’d data and the scan at the same time, before committing to insert it.

Tip o’ the Week 463 – Photographs, eh (he asked him knowingly)?

clip_image002Nudge Nudge! We’ve all taken photographs and wanted to manipulate them with better tools or on a better screen than presented by our smartphones, haven’t we? Pros might use Photoshop (and some less than Pro too), but for the mere mortals among us, the Photos app for Windows 10 can do a lot of the basics really well.

There are some simple but reasonable tips on getting more out of Photos here, and if you’re still missing Movie Maker, then you could do worse than check out Photos’ ability to edit videos, as discussed here.

clip_image004There’s a recently-released beta extension for Windows which provides support for RAW images (well, some of them)see more here.

If you already use Photos, have you noticed that when using a Modern App to manipulate files (eg inserting a photo into OneNote or Mail), then you’ll see Photos appear as a node in the file chooser dialog?

You get the ability to use some of the Photo app functionality for organising your pics – like using search, viewing by subject or use the Timeline feature to quickly jump to a picture based on the date it was taken.

clip_image006

In a rare departure from the mantra that modern apps are somehow inferior to proper ones, here’s an example where using a UWP app is demonstrably better than its Win32 counterpart.

See for yourself –  when you’re used to the Photos app functionality and go back to a non-Modern app (like the zombie OneNote 2016 application that’s still a lot more functional in many ways than its UWP sibling), the file dialog box is shorn of Photos addenda and you’re back to grubbing about in the file system to find your files.

Tip o’ the Week 460 – AI, AI, Oh…

clip_image002Artificial Intelligence has been dreamt of for decades, where machines will be as smart – or maybe smarter – than humans. AI in popular consciousness is not just a rubbish film, but if you’re a brainless tabloid journalist, then it means Siri and Alexa (assuming you have connectivity, obvs … and hope there’s no Human Stupidity that forgot to renew a certificate or anything), and AI is also about the robots that are coming to kill us all.

Of course, many of us know AI as a term used to refer to a host of related technologies, such as speech and natural language recognition, visual identification and machine learning. For a great example on practical and potentially revolutionary uses of AI, see Dr Chris Bishop’s talk at Future Decoded 2018 – watch day 1 highlights starting from 1:39, or jump to 1:50 for the example of the company using machine learning to make some world-changing medical advances.

clip_image004Back in the mundane world for most of us, AI technologies are getting more visible and everyday useful – like in OneDrive, where many improvements including various AI investments are starting to show up.

One simple example is image searching – if you upload photos to consumer OneDrive (directly from your phone perhaps), the OneDrive service will now scan images for text that can be recognized… so if you took a photo of a receipt for expenses, OneDrive might be able to find it if you can remember what kind of food it was.

clip_image006There’s also a neat capability where OneDrive will try to tag your photos automatically – just go into www.onedrive.com and look under Photos, where you’ll see grid of thumbnails of your pictures arranged by date, but also the ability to summarise by album, by place (from the geo-location of your camera phone) clip_image008or by Tag. You can edit and add your own, but it’s an interesting start to see what the visual search technology has decided your photos are about… not always 100% accurately, admittedly…

More AI goodness is to come to Office 365 and OneDrive users in the near future – automatically transcribing content from videos stored online (using the same technology from the Azure Video Indexer and Microsoft Stream), to real-time PowerPoint captions. Watch this space… and mind the robots.