Caleb wants to know if it's safe to use the same password across different web accounts. Leo says no, because once one site gets hacked, they can use that password information to guess the passwords for other sites. Many do this, and it's how the Turkish Crime Family was able to hack over a million iCloud accounts. Password vaults make different passwords for every site and you have only one password to open the vault. But that's not on the internet anywhere, he'd just remember that. It's much safer that way.
Brian has tried several password vaults and he finds them all inconvenient. His frustration is that using his mobile device doesn't always work so well. He ended up on LastPass. Is that a good choice? Leo says yes. It's the one he uses. 1Password is another one, and it has the advantage of being able to save the vault somewhere else.
It should go without saying that having a current backup of your computer is an essential preventative measure in case the worst happens. But there's another very simple step you can take that can potentially save you a lot of headache -- create a secondary administrator account. Make sure that account is pure and is in the default Mac or Windows configuration.
Mark wants to know if password vaults are safe and what the best one is to get. Leo says yes, they are best because they generate impossible to remember passwords and keep track of them, so Mark would only have to remember the one password to open his vault. Leo uses LastPass. There's also 1Password. It's a valuable tool that everyone should use.
Frank has been using the same password for years and now suddenly the password won't work on his Windows Surface. Could the hard drive be going out? Leo says that it's more likely a keyboard issue. He should check the CAPS lock, SCROLL lock and NUM lock to make sure they aren't enabled. Another thing to do is enable the feature that will allow him to see his password as he types it.
Mike is worried about the Turkish Crime Family's iCloud hack. If he changes his password, couldn't they just hack it again to get them? Leo says that Apple has said it hasn't been hacked, and even if it had been, the hackers would have to "rehack" the system to get them. If Mike has turned on two factor authentication, they can't use his password anyway.
It's annoying to use two-factor, but it's the best last line of defense to prevent his account from being compromised. Also, he can use his TouchID on a new MacBook Pro and his iOS devices to insure verification.
The Turkish Crime Family is threatening to release hundreds of millions of iCloud account names and passwords if Apple doesn't pay them a ransom of millions of dollars. To prove it, they gave ZDNet 54 samples to confirm it. Apple, however, says they have never been hacked. But Leo says it's important for iCloud users to change their passwords just in case. While you're at it, if you haven't turned on two factor authentication, it would be a good idea to do that as well.
Kirk created an administrator password and has forgotten it. Leo says that if he created it with his Microsoft account, he can recover it. But if he didn't, then there are ways to crack a Windows 10 login. He can use OphCrack or ConBoot to get around it. Here's a few articles to can show him how:
Every time Charles tries to open Gmail on his Google Nexus, it wants him to sign in. He's suspicious that someone may have hacked his account. Leo says that there's a lot of reasons to be advised of that, but it's always wise to run Google's Security Checkup just to be safe. It'll tell him what devices are connected to his account and also input a second factor authentication warning.
Greg lost his iPhone and wants to know how to use Find My iPhone to locate it. Leo says as long as Find My iPhone is turned on, he should be OK. If it was put it in Airplane Mode, it won't broadcast because the radios are turned off, though. It's probably lost, and even if someone could find it, Greg has a complicated password and it'll wipe the device after 10 attempts.