password managers

What password vault should I use?

Episode 1414

Jason from Cooper, TX
LastPass

Jason wants to know if using a password manager on a mobile phone is a good idea. Leo says absolutely. It will keep track of all his passwords so all he needs to do is remember one. Leo likes Last Pass, but many iPhone users prefer 1Password. Both are equally good. There's also DashLane. Any of those three will do the job. He should just make sure he creates a difficult password to crack, but one that he can remember.

Are my passwords safe?

Episode 1349

Yogi from Long Beach, CA
LastPass

Yogi uses a text file to store all his passwords. It's encrypted, and his passwords are randomly generated. He then cuts and pastes the password to enter it. Is that safe? Leo says yes. If his computer has a key logger, it can't read a cut and paste like it can his typing. An easier way, though, would be a password manager like LastPass or 1Password. Steve Gibson also has a password generator at grc.com/passwords

Why is Apple's Time Capsule so slow to back up?

Episode 1128

Aiden from Ireland
Apple Time Capsule

Aiden made the switch to a Mac and his Time Capsule takes forever to backup. It works just fine in Windows, though. Leo says there are a number of different protocols, and Windows uses that SMB, which is the default language. Apple uses its own protocol called AFP, which is based on the older AppleTalk. Leo advises going into the settings and turning all the protocols on. That will allow it to use the fastest available.

Celebrity Nude Data Breach Underscores Need for Second Factor Authentication

Episode 1116

With the breaking news that several celebrities who had their cloud accounts hacked and nude photos published on the internet, Leo says that this underscores the need for second factor authentication. Companies use secret questions so that you can answer them and get your password or reset it. But Leo says that people make the mistake of answering these questions truthfully. And for a celebrities, that's very easy to discover. Leo uses pneumonics and puts in bogus answers that only he knows and nobody can guess.

What are the first things I should do after buying a MacBook Pro to protect my data?

Jeff from Raleigh, NC

Episode 1115

Leo says since most MacBook Pros come with SSDs now, it's important to turn on drive encryption right away. If he doesn't encrypt the drive from day one, some data could end up unencrypted on that drive. Turn on encryption before putting private data on it. The Mac comes with something called File Vault for encryption, which he can access right from the Mac's System Preferences. He just has to turn it on, and he won't even know it's running. The only reason to do this is in the event that his computer was stolen.

eBay Has a Data Breach, Tells Customers to Change Passwords

Episode 1085

eBay

eBay announced a massive data breach and Leo advises users reset their passwords. What's interesting is that the news broke on Wednesday, and eBay has known about it for three weeks. It makes Leo wonder just how bad the breach was. eBay says it was a leak of encrypted passwords. Regardless of how bad, Leo says it's best to change your password. And if you use that password elsewhere, time to stop doing that and use a password manager like LastPass.

'Heartbleed' Flaw in OpenSSL Exposes Passwords on Many Popular Websites

Episode 1074

OpenSSL is a widely used protocol for providing secure internet traffic. The "Heartbleed" bug takes advantage of a hole in OpenSSL to peer into the memory of SSL servers. It can allow a hacker to ping 64K of random memory repeatedly, thereby allowing them to glean usernames and passwords, and even fake a server certificate.