second factor authentication

Has my Gmail account been hacked?

Episode 1362

Charles from Vienna, VA
Gmail Logo

Every time Charles tries to open Gmail on his Google Nexus, it wants him to sign in. He's suspicious that someone may have hacked his account. Leo says that there's a lot of reasons to be advised of that, but it's always wise to run Google's Security Checkup just to be safe. It'll tell him what devices are connected to his account and also input a second factor authentication warning.

Is email secure enough for sending sensitive information?

Episode 1353

Vernon from Pennsylvania
Email on iPhone

Vernon was told by his insurance company that they would be sending him documents via email, and the first two times, he didn't receive it. The third time they sent it, it arrived. They told him the document was encrypted, but he could put anything in the password field to open it. He's now concerned that his personal information could be out in the wild.

What should I do after my Apple ID was hacked?

Robert from Clovis, CA

Episode 1315

Robert's Apple ID got hacked and they've been changing all his passwords and email notifications. He contacted Apple and they aren't believing that he is who he says he is yet. Leo says that they are being deliberately slow now to avoid the social engineering snafu. They want him to provide proof through his payment records, but it may be that Robert got socially engineered and lost his password. That's why turning on 2nd factor authentication is important.

Change Your LastPass Master Password

On June 15, 2015, password manager LastPass made an announcement that its password database was hacked and some user account information had been stolen. Since LastPass has uses encryption and many layers of protection to slow down hackers, the damage will be minimal for LastPass users. While the hackers may have obtained the database of master passwords, they still don't have immediate access to everyone's passwords. That information has been encrypted, salted, and hashed, so it would take quite a bit of effort to break into it.

Do I have to use second factor authentication online every time?

Episode 1122

Jeri from Austin, TX
text messaging

Jeri isn't getting her text messages through her laptops, and her carrier is AT&T. Leo says that text messages are through the cell phone. Leo says that the first time she logs in, the bank will send her a text. She'll then input the code and the website will know that her browser activity is legit. But she shouldn't have to do it every time if she has the box checked to "trust this computer." Then it'll trust it every time and not worry about it.

How can I keep data secure on the iPhone?

Episode 1116

Adam from The Bronx, NY
Password

Adam has been keeping his bank information and passwords in the notes section of the iPhone, and he's wondering how secure that really is. Leo says that having different passwords for every account is a good thing and using a password manager is the best way to handle them. So take that next step and get LastPass. He should also turn on second factor authentication on every site that supports it.

Celebrity Nude Data Breach Underscores Need for Second Factor Authentication

Episode 1116

With the breaking news that several celebrities who had their cloud accounts hacked and nude photos published on the internet, Leo says that this underscores the need for second factor authentication. Companies use secret questions so that you can answer them and get your password or reset it. But Leo says that people make the mistake of answering these questions truthfully. And for a celebrities, that's very easy to discover. Leo uses pneumonics and puts in bogus answers that only he knows and nobody can guess.

Why can't I change the password on my Yahoo account?

Andy from Los Angeles, CA

Episode 1107

Andy forgot his password to his Yahoo mail account and he's having trouble resetting it. Leo says the process of answering the secret questions by going to the log in and then click "I can't access my account." You'll then be asked your secret questions. This is also a good idea to add second factor authentication so that when you do reset, it'll let you know via your cellphone. Try that as well.