This week, we tackle three thorny questions: Are text messages too dangerous to use as a second factor for 2FA? Do you really need Windows 11 Pro edition? And why do smoke detector batteries always seem to die in the middle of the night?  If you’ve got a question about any of the topics ZDNet covers, one of our team of editors and contributors probably has an answer. If they don’t, we’ll find an outside expert who can steer you in the right direction.  Questions can cover just about any topic that’s remotely related to work and technology, including PCs and Macs, mobile devices, security and privacy, social media, home office gear, consumer electronics, business etiquette, financial advice … well, you get the idea.  Send your questions to ask@zdnet.com. Due to the volume of submissions, we can’t guarantee a personal reply, but we do promise to read every letter and respond right here to the ones that we think our readers will care about.  Ask away.  Send your questions to ask@zdnet.com. Due to the volume of submissions, we can’t guarantee a personal reply, but we do promise to read every letter and respond right here to the ones that we think our readers will care about. Be sure to include a working email address in case we have follow-up questions. We promise not to use it for any other purpose.    The most basic form of 2FA involves a text message, sent via SMS to a phone you previously registered with your account. After you type in your password, you receive a text message with a code that you enter as the final step of authenticating.  SMS-based 2FA is absolutely better than no 2FA. But it’s vulnerable to a variety of attacks, including SIM swapping, where the bad guy is able to intercept the SMS messages and take over the account. This type of attack takes a great deal of work and is most likely to target a high value account, like someone who works at the support desk for a big corporation. But even if you aren’t a target for a global hacking network, it’s smart to steer clear of SMS authentication whenever you can. There are two great alternatives to SMS-based 2FA codes. First is a free authenticator app, which generates 2FA codes or receives approval prompts directly on your phone. (For details, see “Protect yourself: How to choose the right two-factor authenticator app.”) For maximum security, consider a physical hardware key that you connect using USB or NFC. Hardware keys cost more and aren’t as easy to use, but they’re ideal for high-value accounts that need extra protection. (See “YubiKey hands-on: Hardware-based 2FA is more secure, but watch out for these gotchas.")  For most consumers, Home edition is good enough. Businesses that run on Windows enterprise networks need Pro edition, however, because it’s a requirement to join a PC to a Windows domain or Azure Active Directory account and then manage that PC with Group Policy and mobile device management software.  Pro edition does have a few added features you might be willing to pay for, especially if you’re planning to use your PC for business. 

It supports full BitLocker encryption without requiring the user to sign in to a Microsoft account. It also allows the use of Windows Information Protection features for secure document sharing. You get to use the full Hyper-V virtualization platform to create and run virtual machines. You can configure Pro edition to be a remote desktop server, allowing you to connect to it remotely from another Windows PC (even one running Home edition) or from a Mac or a mobile device. Instead of installing updates on Microsoft’s schedule, you can set up custom schedules for devices, deferring updates for up to 30 days while you wait for other people to experience any update-related bugs. 

But that’s pretty much it.  If you prefer a PC that comes with Windows 11 Pro (or Windows 10 Pro, for that matter), your best bet is to look online, where you can find stores that specialize in PCs built for business. You can also go to online dealers like Dell, who will happily configure a PC to your specifications. Adding the upgrade to Windows Pro typically costs $50-80.   Or you can buy one of those PCs with Home edition installed and upgrade it yourself.  If you have a license key for a Pro or Business edition of Windows 7, Windows 8.1, or Windows 10, you can use it to upgrade. (Instructions here: “How to upgrade from Windows 10 Home to Pro for free.")  You can also buy the Pro license online. The full retail price is $200 (ouch) at the Microsoft Store. You can find legitimate discounts of $50 or so from other online retailers, but be very suspicious of any discount that’s more generous than that. If you see someone offering a “lifetime license” for Windows 11 Pro for $49, there’s a good chance that the seller is not authorized to distribute that license, and there’s a chance (small, but not zero) that Microsoft could revoke your license key in the future.  Now that we’ve settled, that, please don’t disconnect your smoke detector. It can literally save your life by giving you early warning of a fire so you have time to escape. Modern alarms can also detect another potential killer: the odorless but deadly carbon monoxide.  The simplest fix is to set a calendar reminder to change those batteries around the same time every year, using fresh, high-quality lithium batteries. Don’t use rechargeable batteries, and don’t use batteries that have been in storage for a while. For those of us in the Northern Hemisphere, Halloween is a good date, in my experience, as it leads into the winter when windows are likely to be closed most of the time and house fires (and carbon monoxide poisoning) are statistically more likely.  If you’d prefer to skip that annual chore, get batteries specifically intended for long-term use in smoke detectors and other critical devices. The Energizer Ultimate Lithium battery, for example, is designed to last 10 years, which is also how often most smoke detectors should be replaced. Just remember to set a calendar reminder for a decade from now to replace those batteries!