Yogi uses a text file to store all his passwords. It's encrypted, and his passwords are randomly generated. He then cuts and pastes the password to enter it. Is that safe? Leo says yes. If his computer has a key logger, it can't read a cut and paste like it can his typing. An easier way, though, would be a password manager like LastPass or 1Password. Steve Gibson also has a password generator at grc.com/passwords
Freddie's brother in law died and he's trying to get into his Linux laptop to settle his estate, but he doesn't have password. Leo says that if he can get into recovery and read the hard drive, then he's OK. He could have also encrypted the hard drive to make it impossible to get into it. Since he didn't do that, though, it may be possible to bypass it with single user mode and run with root access by pressing CTRL + S on startup. Or, Freddie can get third party software that can find the password and crack it. Google "Linux Unlock Disc." There's also an option for emergency access.
Kevin is looking for a password vault or manager to store all his passwords. Leo says that the best password is long and strong, with random characters, letters, and punctuation symbols. But he'll never remember it. That's why Leo recommends LastPass, which can not only generate the passwords, but also can keep them safe. 1Password is another. This also creates a single point of failure, though. There's nothing wrong with having a notebook that he can write them down in.
Having a password protected login for Windows is essential to keep your data safe in a more public space. If you're just using your computer in your own home, however, it can be more of a nuisance. By default, Windows prompts you to create a password, but there are ways to get around this.
George bought a new Microsoft Surface Book 3. He was hoping it would be more consistent with Windows 10. How can he turn off the log in and just have it always logged in? Leo says he can type the Windows key + R, and type "Users" and disable the password requirement for logging in. George could also go into the power settings and have it not log out or go to sleep as fast.
Chris is having problems with the keychain password feature of his iPhone. He can't change the phone number associated with his keychain on any of his devices. Leo says that is a recovery feature that will send a recovery code via SMS to change his passwords. Leo says that second factor authentication is an important thing. If he has to get rid of the number, simply deleting it is what Apple recommends. They've also had trouble with keychain, though. Apple support may be needed and have them reset the keychain from their end.
Nick has forgotten the password on his Windows 8.1 laptop. How can he crack it so he can give it to his sister? Leo says that there's password crackers that can work with Windows 8.1. If he logged in using his Microsoft account, however, he can go to his Live account at live.com and reset his password. Then he can get into it and do what he needs to do.
Twitter security officials have admitted that the social media site was hacked this week, exposing the passwords of over 32 million twitter accounts. Though hackers posted the passwords online, officials say that they are confident no other information was obtained.
Leo says that if you are a Twitter user, you may want to change your password, and even better, use a password vault to generate it.
Read more at TechCrunch.com.
Dan was using his iPhone 5s and he got a message that someone is trying to sign into a device using his Apple ID. Apple says that they don't send out messages like that. Leo says that isn't really accurate as he's gotten those as well. Any time you sign into a new device, you get that message. If it comes with a suggestion to change the password, however, then that could be a ploy to steal his Apple ID from a browser. He should never do that.
Bonnie wants to know why the user interface of LastPass had suddenly changed. Leo says its a good question, and programs do this all of the time to keep them up to date. Leo says a password vault is kind of a special thing, something that people need to trust. LastPass had been sold from an individual to LogMeIn about 6 months ago. One of the reasons he did it is because LogMeIn has more resources, and one of the things LogMeIn paid to do was update it to something more elegant. Bonnie can go back to the old style, however.