Nathan wants to know if there's any recourse if a company isn't protecting his passwords. Leo says in Europe they have the GDPR, but in the US the only real protection is through HIPPA in the medical field. Leo recommends talking to Brian Krebbs at Krebbs on Security and asking him how he should write a letter to warn them of their liability.
Yesterday's story about Collection #1 - a package of hacked email passwords, is actually now reported to be a few years old, so the damage is not as great as previously believed. But Leo still says that it's a wise idea to go to HaveIBeenPwned.com/passwords and see if your account has been hacked. And then change your password. In fact, it may be a good idea to change it anyway, and turn on 2 factor authentication while you're at it.
According to the creator of HaveIBeenPwned.com, over 21 million passwords have been hacked and revealed on the dark web. Leo says to find out if your passwords have been hacked and stolen, head over to https://haveibeenpwned.com/passwords and input your passwords. It'll let you know if your passwords have been hacked.
Bruce wants to know why he's being asked for his iCloud password all the time on his iPhone 8. Leo isn't sure why this happens, but it's happened to him as well. It does go away eventually. Leo thinks it's just a bug. Leo suggests going into settings, and re-entering his passwords there.
Jane has a ton of passwords and needs a password vault to keep them all straight. She was looking at LastPass and wants to know if that's the best one. Leo loves LastPass, and they are a sponsor on the show. He has been using it for ten years and it's very secure. But it's not the only option. There's also 1Password, KeePass, and DashLane.
Mike is having issues logging into Yahoo at home. It says he's using the wrong password at home, but it takes it at work. Leo says one way to test it is to type out the password in notepad and then copy and paste it in. If that works, then he'll know it's not a problem on his end. It could also be a corrupted cookie in his browser. He should try using another browser, or clear the cookies in his browser and try again.
Mike also wants to disable the password challenge on his phone. Leo says that is dangerous to do, but he can turn it off in the phone's security settings.
Robert has a low budget Alcatel smartphone, but he forgot the password to access it. How can he recover it? Leo says on those older Android phones, the easiest thing is to erase it and start over. Most Android phones have a way to get into recovery mode. But if he can't, then he'll have to do a hard reset by pressing the power button and the volume up button at the same time, and hold it there. That should put it in recovery mode. It's a text based menu that he can navigate with the volume buttons until he reaches "reset." Then he can press the home button and that should reset the phone.
Sue's Roku device won't let her log in anymore. Is this because she has DSL? DSL isn't the issue. She's likely using the wrong password. Rich recommends that she try recovering her password. Once she does that, she can change it.
When you get a new router, there are a few things you can do to make sure it's set up securely.
The first thing you'll do is connect it to your computer and check the manual to find out how to configure it.
Once it's connected to your computer, you'll use the browser to navigate to a special address as instructed in the manual. It should be something like 192.168.1.1. This will take you to the login screen for the router.
Bob has all his passwords inputted in a spreadsheet. Is that secure? Leo says if it works for him, that's one step better than just using the same password over and over. But if someone gets ahold of that file, they have the keys to his kingdom. That's why using LastPass, which generates complicated and secure passwords is a good idea. Bob agrees, but he doesn't know how to use it to change his passwords. Leo says if he goes to LastPass's help desk, they describe step by step how to do it.