Chuck has to run through a tour at LastPass every time he has to log in. Leo says that he can disable going to the page to log in since he doesn't need to go to the vault every time he logs into LastPass. There's a checkbox in the settings to disable the vault popping up with each login.
Jane has a ton of passwords and needs a password vault to keep them all straight. She was looking at LastPass and wants to know if that's the best one. Leo loves LastPass, and they are a sponsor on the show. He has been using it for ten years and it's very secure. But it's not the only option. There's also 1Password, KeePass, and DashLane.
Mark wants to combine his work's LastPass account with his personal one. Leo says that his personal stuff can be attached, but it won't be visible at work. Leo recommends keeping the accounts separate. That way, if he leaves the job, his employer doesn't have access to his data.
(Disclaimer: LastPass is a sponsor)
Tom heard that Authy is better than Google Authenticator. Is that true? Leo says that any authenticator will be better than no authenticator at all, especially when keeping password vaults protected. Most services offer 2 factor authentication now, but the danger there is that some SIMs can be duplicated or even hijacked with some creative social engineering. In fact, the authenticator can be re-routed. Authy sends a secret number and combines it with a time of day (hashing) that changes after 30 seconds.
David uses a bunch of different browsers and everyone wants to save his passwords. It seems easier, but he says that it fills in the wrong password often. Leo says that's probably because David has multiple password managers and they are fighting. It's like antivirus software. It's best to have just one. Relying on the browser saving passwords isn't safe because that's not their main business and many have security flaws. David should use one password manager like LastPass, and it will input the right password.
Taylor is talking about using LastPass and its 2-factor authentication. How does that work? Leo says that 2-factor can be a biometric thing, like his thumbprint, or it can be an authenticator which will text him a code to his phone that he would input into the prompt. It's secret and only good for about 30 seconds before he would have to input a new code. It's a great way to protect online data.
Walter wants to know if he can install LastPass into his browser to save his passwords online. Leo says there's a LastPass browser plugin that does just that thing. Then he can let LastPass choose his passwords.
Leo says there's a new feature in Android Oreo 8.1 — it will let you know how fast a Wi-Fi access point is before joining it. Leo says any password vault should enter his password into the web portal when he signs in. Leo prefers using password vaults to any mechanism offered by the browser or phone itself. Password vaults will remember all of his passwords, and on Android, it will actually fill in the password automatically.
Burt has a Motorola Max mobile device and an iPad. He got a notification to update his security and contact list on his phone, but the iPad gave him a notification that his Google password had changed without his knowledge. Leo says that's worrisome. It sounds like someone may have hacked his Google account. Leo advises going to iCloud.com to see if he can log in. If he can, then his AppleID is likely secure. But Leo advises changing the password again to verify everything.
Jason wants to know if using a password manager on a mobile phone is a good idea. Leo says absolutely. It will keep track of all his passwords so all he needs to do is remember one. Leo likes Last Pass, but many iPhone users prefer 1Password. Both are equally good. There's also DashLane. Any of those three will do the job. He should just make sure he creates a difficult password to crack, but one that he can remember.