2 factor authentication

Has my personal information been hacked?

HaveIBeenPwned.com

Episode 1726

Jim from Oneida, NY

Jim is getting a ton of emails, that his accounts are being reset. He's worried. Leo says that if your password has been changed, that could be a bad sign you've been hacked. So go into all your accounts and change the passwords again. Set up 2 Factor Authentication for your phone. This will prevent someone else from doing that. Stop using related passwords. Use passwords that are random and distinct for every site. The only way to handle that is with a password manager like Last Pass. You can also set up an authenticator, like Google Authenticator or Authy.

Why does Facebook keep allowing others to change my password?

Authy

Episode 1710

Joe from Glendale, CA

Joe got an email from Facebook saying his password has been changed. He changed it and turned on 2-factor authentication, but the password keeps getting changed back. Leo says that's a scary thought and he probably got bit by a phishing scam and that Facebook didn't send him an email at all. Leo says if it was legit, the first thing the hacker would do is change the email notification. 

Why Can't I Log Into Gmail?

gmail

Episode 1701

Daisy from Huntington Beach, CA

Daisy is a teacher, who is now doing distance learning with her kids and she's having issues logging into her district Gmail account. She gets a google sign-in page that opens when she goes to Google Hangouts. She now can't get into her account. Leo suspects that is a phony phishing scam that has gotten her credentials and then locked her out. Leo suggests contacting the district IT office and have the password reset and 2-factor authentication set up so that it won't happen again. 

Why is Google Photos Importing Strange Pics to My Account?

Google photos

Episode 1661

Robin from North Hills, CA

Robin uses Google Photos to back up her images and has noticed it's having issues with facial recognition features from younger to older. It'll recognize adults rather easily, but the older images of her kids not so much. Leo says that Google's facial recognition measures many physical facial features and it may be that younger to adult represents too much of a difference to connect the dots and recognize them as the same person but as an adult.

Is my Microsoft Account secure?

Microsoft Account Login

Episode 1660

Don from Springfield, IL

Don has noticed someone from the Ukraine has tried to log into his Microsoft account on a weekly basis. Should he be concerned? Leo says as long as you don't use the same password, have 2-factor authentication, and have a password manager like Last Pass, there's no way he can get into it. But make sure you have 2 Factor turned on just in case someone manages to guess the password. It will then ask for an authentication code from you through Microsoft Authenticator, which notifies you via text. It's very secure.

Should I use a password manager?

LastPass

Episode 1658

Craig from Venice Beach, CA

Craig is looking for a password manager and wants to sign up with LastPass (A sponsor of the TWiT Network and Studio). But is there anything special he has to do? Leo says that a password manager will not only store all your passwords, but it will also generate them for you. All you need to remember is the master password. Other options are One Password, Dash Lane and Bit Warden. Once you get LastPass all setup, you want to turn on 2 Factor Authentication so that if someone tries to break into or have your password, there is a second way to authenticate that will protect you.

Is 2-Factor Authentication by SMS Safe?

Authentication

Episode 1626

Ben from Auburn, AL

Ben has an issue with 2-factor authentication. Leo says that text message 2-factor authentication isn't safe anymore because "sim jacking" can occur, by bad guys figuring out what your cellphone number is, and then using social engineering to get them to reassign that number to a new SIM. Once they do that, they have control of the mobile device and can control even 2-factor authentication. That's why Leo supports using an authenticator. He uses a hardware-based model called Authy.

Is There a Password Manager that Doubles as a VPN?

ExpressVPN

Episode 1624

Mike from Highland, CA

Mike needs a good password manager that can also serve as a VPN. Is there any? Leo says he doesn't think that there is one, but that is a great idea. Leo recommends LastPass or 1Password for a good password vault. As for VPNs, there are a lot of options out there, but beware of free VPNs, because to make money, they sell their traffic. So it really isn't all that secure. Leo recommends ExpressVPN. There's also the Tiny Hardware Firewall.