passwords

How can I Make Sure my Passwords are Kept Secure?

Krebbs

Episode 1572

Nathan from Spearfish, South Dakota

Nathan wants to know if there's any recourse if a company isn't protecting his passwords. Leo says in Europe they have the GDPR, but in the US the only real protection is through HIPPA in the medical field. Leo recommends talking to Brian Krebbs at Krebbs on Security and asking him how he should write a letter to warn them of their liability.

Collection #1 Password Hacks Prove to be Older than Believed

Episode 1559

Yesterday's story about Collection #1 - a package of hacked email passwords, is actually now reported to be a few years old, so the damage is not as great as previously believed. But Leo still says that it's a wise idea to go to HaveIBeenPwned.com/passwords and see if your account has been hacked. And then change your password. In fact, it may be a good idea to change it anyway, and turn on 2 factor authentication while you're at it.

Why won't Yahoo Mail take my password?

Password

Episode 1531

Mike from Santa Monica, CA

Mike is having issues logging into Yahoo at home. It says he's using the wrong password at home, but it takes it at work. Leo says one way to test it is to type out the password in notepad and then copy and paste it in. If that works, then he'll know it's not a problem on his end. It could also be a corrupted cookie in his browser. He should try using another browser, or clear the cookies in his browser and try again.

Mike also wants to disable the password challenge on his phone. Leo says that is dangerous to do, but he can turn it off in the phone's security settings.

How can I recover my phone's password?

Alcatel Android phone

Episode 1530

Robert from San Antonio, CA

Robert has a low budget Alcatel smartphone, but he forgot the password to access it. How can he recover it? Leo says on those older Android phones, the easiest thing is to erase it and start over. Most Android phones have a way to get into recovery mode. But if he can't, then he'll have to do a hard reset by pressing the power button and the volume up button at the same time, and hold it there. That should put it in recovery mode. It's a text based menu that he can navigate with the volume buttons until he reaches "reset." Then he can press the home button and that should reset the phone.

Set Up Your Router Securely

When you get a new router, there are a few things you can do to make sure it's set up securely.

The first thing you'll do is connect it to your computer and check the manual to find out how to configure it.

Once it's connected to your computer, you'll use the browser to navigate to a special address as instructed in the manual. It should be something like 192.168.1.1. This will take you to the login screen for the router.

Is it safe to keep my passwords in a spreadsheet?

LastPass Vault

Episode 1508

Bob from Tulsa, OK

Bob has all his passwords inputted in a spreadsheet. Is that secure? Leo says if it works for him, that's one step better than just using the same password over and over. But if someone gets ahold of that file, they have the keys to his kingdom. That's why using LastPass, which generates complicated and secure passwords is a good idea. Bob agrees, but he doesn't know how to use it to change his passwords. Leo says if he goes to LastPass's help desk, they describe step by step how to do it.