security

Change Your LastPass Master Password

On June 15, 2015, password manager LastPass made an announcement that its password database was hacked and some user account information had been stolen. Since LastPass has uses encryption and many layers of protection to slow down hackers, the damage will be minimal for LastPass users. While the hackers may have obtained the database of master passwords, they still don't have immediate access to everyone's passwords. That information has been encrypted, salted, and hashed, so it would take quite a bit of effort to break into it.

How can I save passwords in my browser?

Vicky from Temecuila, CA

Episode 1198

Vicky works out of her house in California, while her office is back East. Since they've added McAfee on her computer, her passwords aren't being saved in her browser. Leo's not a fan of McAfee, but since Vicky has no choice, she should check her settings to see if there's something triggered that's preventing it. Can she use post it notes? Leo says sure, because she works at home and that's not going to hurt. She can also keep a notebook.

Are plugins causing issues with my browser?

Arelia from Riverside, CA

Episode 1195

Arelia is having issues with her browser and she thinks it may be due to a plugin she installed. Leo says she's probably right. Plugins like Flash, Shockwave or Java are easily hackable and dangerous if not kept up to date.

Leo recommends using Google Chrome. Chrome has Flash built in and it's always updated. If she likes the browser she's using, then she'll have to get the latest version of Flash from Adobe.

How secure is home automation?

Bob from Tehachapi, CA

Episode 1190

Bob is interested in home automation, but he's concerned with security. Can it run amuck? Leo says that it's such a new thing, we don't really know all the downsides yet. Keyless entry is the challenge, especially with a car. A car uses keyless entry with the keyfob signal by proximity. You can actually buy a booster to send it out further. But that's a security flaw. Anything with a computer can have flaws and bugs in programming. So it is possible and Bob's right to pay attention to it. But we're in the very early days. Just remember that a lock is an illusion, not a security feature.

Can I install Android KitKat on a Nexus 6?

Vladimir from Carlsbad, CA

Episode 1185

Vladimir has a BMW i3 and wonders if he can integrate his smartphone with it. On his previous car, he had to manually enter all his contacts and it was tedious. Leo says that his car copied over his contacts so it was pretty easy. Vladimir got the numbers, but not the addresses, though. Leo says that Audi's do addresses. Vladimir used a phone with KitKat and it worked just fine, so that's a workaround. Leo says that's very odd. But at least he got the data in. But it sounds like maybe a Lollipop security feature prevented it from doing addresses.

How can I secure my Yahoo email account?

Robin from Los Angeles, CA

Episode 1180

Robin is getting those emails that seem to be bounced from her own Yahoo email account. Leo says that's likely a "spoofed" return email address, but it's always wise to change the password just in case. She should use a password vault so it can generate long passwords which can't as easily be hacked. But Leo also says there's something fundamentally wrong with Yahoo's email security and Leo advises getting off it. Go with Gmail instead.

Can you use something other than a fingerprint for Touch ID?

Episode 1178

Brad from Peoria, IL
Apple iPhone 6

Brad hears that you don't have to use your fingerprint for Apple's Touch ID -- you can actually use other body parts. Knuckles, palms, and even noses can work. Some guitar players or construction workers who have callouses on their fingers may not be able to use fingerprints. So for those people, they need to think outside the box.

How secure are smartphones?

Derek from Seattle, WA

Episode 1177

Derek wants to know how secure cellphones are today versus 20 years ago. Leo says that they are secure because of digital networks that are encrypted. Back in the 90s, cell phones were analog, making them really easy to eavesdrop and "snarf." It was even possible to clone them. But just because you have digital security, doesn't mean you're completely secure. Law enforcement can pay a small fee and get the meta data from your wireless company via a pen register request. Also, there's GPS data, super cookies, and social interaction.

Do I need firewalls if I have a router?

Joe from Canton, OH

Episode 1175

Joe just got a router and wants to know if he really needs firewalls anymore. Leo says no. Joe could turn on the Windows firewall, but any third party firewall isn't really needed because the router is essentially a "dumb box" that prevents attacks from incoming traffic.

Routers, though, aren't impervious to attack, so he'll need to keep the firmware up to date, or even use a third party firmware like Tomato or DDWRT.