Using Facebook on a public computer, or even on a friend's computer, can be risky. Facebook stores a cookie in the browser that enables the user to get into the site without actually logging in. This would make it possible for someone else to easily gain access to your account. Instead of avoiding Facebook entirely, there is a way you can still use it and prevent someone else from being able to get in — by using a one-time password.
Andrea's mother has problems remembering her passwords. What's the best way to do it? Leo says we all have a problem remembering them, and if it's easy to remember, there's a good chance it will be easily cracked. She'll want her password to be difficult, but by extension, that makes them difficult to remember. Writing them down isn't a bad idea as long as nobody has access to them. A password vault would be a good idea, where she would let the software generate all of her passwords and all she needs to remember is the master password.
Buzz is having a problem with 2 factor authentication on Apple's Mail app. He is able to input his password, but it won't take it. Leo says that Apple should create an authenticator program that can be used to verify user identity that can then be texted to him. That way, he's protected. If he's having trouble with it, Apple is really the only one that can solve the issue. It may be that his password has been changed and he forgot.
Mike is worried that Google has all of his banking information. Leo says it's not to worry about. They don't have it. If anything, his browser has that information and that's much more dangerous. It may be a good idea to reset his browser to get rid of all that. Then turn on second factor authentication to make sure that any attempt to change his password or access his account will be stopped. Mike shouldn't worry about Google, though. They're quite secure, and Chrome is a secure browser.
Caleb wants to know if it's safe to use the same password across different web accounts. Leo says no, because once one site gets hacked, they can use that password information to guess the passwords for other sites. Many do this, and it's how the Turkish Crime Family was able to hack over a million iCloud accounts. Password vaults make different passwords for every site and you have only one password to open the vault. But that's not on the internet anywhere, he'd just remember that. It's much safer that way.
Brian has tried several password vaults and he finds them all inconvenient. His frustration is that using his mobile device doesn't always work so well. He ended up on LastPass. Is that a good choice? Leo says yes. It's the one he uses. 1Password is another one, and it has the advantage of being able to save the vault somewhere else.
It should go without saying that having a current backup of your computer is an essential preventative measure in case the worst happens. But there's another very simple step you can take that can potentially save you a lot of headache -- create a secondary administrator account. Make sure that account is pure and is in the default Mac or Windows configuration.
Mark wants to know if password vaults are safe and what the best one is to get. Leo says yes, they are best because they generate impossible to remember passwords and keep track of them, so Mark would only have to remember the one password to open his vault. Leo uses LastPass. There's also 1Password. It's a valuable tool that everyone should use.
Frank has been using the same password for years and now suddenly the password won't work on his Windows Surface. Could the hard drive be going out? Leo says that it's more likely a keyboard issue. He should check the CAPS lock, SCROLL lock and NUM lock to make sure they aren't enabled. Another thing to do is enable the feature that will allow him to see his password as he types it.
Mike is worried about the Turkish Crime Family's iCloud hack. If he changes his password, couldn't they just hack it again to get them? Leo says that Apple has said it hasn't been hacked, and even if it had been, the hackers would have to "rehack" the system to get them. If Mike has turned on two factor authentication, they can't use his password anyway.
It's annoying to use two-factor, but it's the best last line of defense to prevent his account from being compromised. Also, he can use his TouchID on a new MacBook Pro and his iOS devices to insure verification.