Jerry has been using an app to hack a neighbor's Wifi for free WiFi. Leo says that is a violation of federal law and Jerry really shouldn't be doing that. And it probably doesn't work anyway since most wifi routers are using WPA2 these days and that's a lot harder to crack.
David's mother received a call from a scammer that asked for her Admin password, which she gave out. After that, they deactivated David's admin account. Leo says the computer is compromised and recommends reinstalling Windows while educating his mother about scammers and sensitive information.
Burt has a Motorola Max mobile device and an iPad. He got a notification to update his security and contact list on his phone, but the iPad gave him a notification that his Google password had changed without his knowledge. Leo says that's worrisome. It sounds like someone may have hacked his Google account. Leo advises going to iCloud.com to see if he can log in. If he can, then his AppleID is likely secure. But Leo advises changing the password again to verify everything.
Using Facebook on a public computer, or even on a friend's computer, can be risky. Facebook stores a cookie in the browser that enables the user to get into the site without actually logging in. This would make it possible for someone else to easily gain access to your account. Instead of avoiding Facebook entirely, there is a way you can still use it and prevent someone else from being able to get in — by using a one-time password.
Andrea's mother has problems remembering her passwords. What's the best way to do it? Leo says we all have a problem remembering them, and if it's easy to remember, there's a good chance it will be easily cracked. She'll want her password to be difficult, but by extension, that makes them difficult to remember. Writing them down isn't a bad idea as long as nobody has access to them. A password vault would be a good idea, where she would let the software generate all of her passwords and all she needs to remember is the master password.
Buzz is having a problem with 2 factor authentication on Apple's Mail app. He is able to input his password, but it won't take it. Leo says that Apple should create an authenticator program that can be used to verify user identity that can then be texted to him. That way, he's protected. If he's having trouble with it, Apple is really the only one that can solve the issue. It may be that his password has been changed and he forgot.
Mike is worried that Google has all of his banking information. Leo says it's not to worry about. They don't have it. If anything, his browser has that information and that's much more dangerous. It may be a good idea to reset his browser to get rid of all that. Then turn on second factor authentication to make sure that any attempt to change his password or access his account will be stopped. Mike shouldn't worry about Google, though. They're quite secure, and Chrome is a secure browser.
Caleb wants to know if it's safe to use the same password across different web accounts. Leo says no, because once one site gets hacked, they can use that password information to guess the passwords for other sites. Many do this, and it's how the Turkish Crime Family was able to hack over a million iCloud accounts. Password vaults make different passwords for every site and you have only one password to open the vault. But that's not on the internet anywhere, he'd just remember that. It's much safer that way.
Brian has tried several password vaults and he finds them all inconvenient. His frustration is that using his mobile device doesn't always work so well. He ended up on LastPass. Is that a good choice? Leo says yes. It's the one he uses. 1Password is another one, and it has the advantage of being able to save the vault somewhere else.
It should go without saying that having a current backup of your computer is an essential preventative measure in case the worst happens. But there's another very simple step you can take that can potentially save you a lot of headache -- create a secondary administrator account. Make sure that account is pure and is in the default Mac or Windows configuration.