Since many sites now allow (or even require) 2-factor authentication, it's a good idea to use an authentication app on your smartphone to get the security code. This is a much more secure method, because codes texted over SMS could be intercepted. There's also the danger of SIM cards being duplicated or even hijacked with some creative social engineering. The Authy app for iOS or Android is a good option, because it sends a secret number and combines it with the time of day so the code changes after 30 seconds.
second factor authenication
Mike is worried that Google has all of his banking information. Leo says it's not to worry about. They don't have it. If anything, his browser has that information and that's much more dangerous. It may be a good idea to reset his browser to get rid of all that. Then turn on second factor authentication to make sure that any attempt to change his password or access his account will be stopped. Mike shouldn't worry about Google, though. They're quite secure, and Chrome is a secure browser.
Mike is worried about the Turkish Crime Family's iCloud hack. If he changes his password, couldn't they just hack it again to get them? Leo says that Apple has said it hasn't been hacked, and even if it had been, the hackers would have to "rehack" the system to get them. If Mike has turned on two factor authentication, they can't use his password anyway.
It's annoying to use two-factor, but it's the best last line of defense to prevent his account from being compromised. Also, he can use his TouchID on a new MacBook Pro and his iOS devices to insure verification.
Cheryl wants to know if she can get infected by HTML email. Leo says yes. That's why she has to be careful what links she clicks on. But since she's using an iPad, she's protected. She can't get infected on that. Apple's iOS is very secure. But it's always a good idea to train herself not to click on links. If she gets an email from her bank for instance, she should just go to her browser and go directly to the bank's website.
Alan just installed Windows 10 on a few computers and wants to know if there's any reason to install a third party antivirus program with it. Leo says that Google has done a study about this, and they've found that most security experts believe antivirus software gives a false sense of security and doesn't guard against zero day exploits, which are the real threat now.
Ben wants to know if we can ever move beyond second factor authentication. Can we move on to fingerprint reading? Leo says that is also second factor authentication. It's not just something you have, it's also something you are.
Windows Hello is a new type of two factor authentication, which uses a special depth sensing webcam for facial recognition and will log you in based on your face. But we can surely get rid of passwords, it's really a terrible system.
Mike wants to know about passwords and how often he should change the ones on his computer. Leo says that local passwords, like for logging into his laptop aren't that big of a deal. Someone would have to have physical access to the computer and a lot of time to crack it. So that's not really the one to worry about. It's the passwords online, and even then, those passwords are encrypted. Those who change passwords a lot are those who have passwords that are shamefully easy to guess.
Tom's iPhone 6 Plus keeps asking for his voicemail password. Is that a new feature in iOS 8? Leo says no. It's probably what the carrier is requiring. If he can't remember it, Leo advises calling up AT&T to have them reset it. And if he uses second factor authentication, it'll protect him from someone hacking his voicemail.