Leo has talked a lot on the Tech Guy show about using two factor authentication wherever possible to ensure the security of your online accounts. Two factor authentication requires more than just a 1 factor to login. This could include two of the following: something you are (such as biometrics like fingerprints or iris scans), something you know (a password), or something you have (a smartphone or hardware key). This could be called many things, including “Two-Step Verification” and “Two-Factor Authentication” depending on the site.
Carlos wants to know about biometric behavioral passwords. Leo says that the idea has been around for awhile. Google uses gate analysis to know if you're the one holding the phone. It could be the future.
Tom wants to know where he can find a YubiKey, and whether or not it's accessible for the blind. Leo says they are accessible, and he can get it at yubico.com. This is a little USB device that plugs into a USB port, and the computer sees it as a keyboard. The YubiKey will light up, and then press the button on the key. Just make sure the cursor is in the correct field that it will need to fill, and it will fill in the password. This doesn't work for an iPhone, however, because it doesn't have a USB port.
Jerry has been using an app to hack a neighbor's Wifi for free WiFi. Leo says that is a violation of federal law and Jerry really shouldn't be doing that. And it probably doesn't work anyway since most wifi routers are using WPA2 these days and that's a lot harder to crack.
David's mother received a call from a scammer that asked for her Admin password, which she gave out. After that, they deactivated David's admin account. Leo says the computer is compromised and recommends reinstalling Windows while educating his mother about scammers and sensitive information.
Burt has a Motorola Max mobile device and an iPad. He got a notification to update his security and contact list on his phone, but the iPad gave him a notification that his Google password had changed without his knowledge. Leo says that's worrisome. It sounds like someone may have hacked his Google account. Leo advises going to iCloud.com to see if he can log in. If he can, then his AppleID is likely secure. But Leo advises changing the password again to verify everything.
Using Facebook on a public computer, or even on a friend's computer, can be risky. Facebook stores a cookie in the browser that enables the user to get into the site without actually logging in. This would make it possible for someone else to easily gain access to your account. Instead of avoiding Facebook entirely, there is a way you can still use it and prevent someone else from being able to get in — by using a one-time password.
Andrea's mother has problems remembering her passwords. What's the best way to do it? Leo says we all have a problem remembering them, and if it's easy to remember, there's a good chance it will be easily cracked. She'll want her password to be difficult, but by extension, that makes them difficult to remember. Writing them down isn't a bad idea as long as nobody has access to them. A password vault would be a good idea, where she would let the software generate all of her passwords and all she needs to remember is the master password.
Buzz is having a problem with 2 factor authentication on Apple's Mail app. He is able to input his password, but it won't take it. Leo says that Apple should create an authenticator program that can be used to verify user identity that can then be texted to him. That way, he's protected. If he's having trouble with it, Apple is really the only one that can solve the issue. It may be that his password has been changed and he forgot.
Mike is worried that Google has all of his banking information. Leo says it's not to worry about. They don't have it. If anything, his browser has that information and that's much more dangerous. It may be a good idea to reset his browser to get rid of all that. Then turn on second factor authentication to make sure that any attempt to change his password or access his account will be stopped. Mike shouldn't worry about Google, though. They're quite secure, and Chrome is a secure browser.