passwords

Twitter Error Results in Passwords Being Stored in Plain Text

Episode 1486

Twitter login

Twitter sent an email to its 330 million users recommending that they change their passwords. This is because of an error that caused user passwords to be stored unencrypted and in plain text. While this was a big flaw, Twitter is being praised for disclosing the information immediately so users can take action to protect their accounts.

Read more at Reuters.com.

How can I reset my Windows 10 password?

Episode 1476

Steve from Radondo Beach, CA
PCunlocker

Steve forgot the password on his all-in-one Windows 10 machine. Leo says that can be a serious problem in Windows 10. But since Steve used his Microsoft account to log in, he can change the Microsoft password and he should be able to make it work. Microsoft also has a utility called MSDaRT, which has a feature called Locksmith Wizard that will reset his Windows 10 password. Third party utilities include PC Unlocker.

Why doesn't my password vault input the right password?

Episoide 1473

David from Florida
LastPass

David uses a bunch of different browsers and everyone wants to save his passwords. It seems easier, but he says that it fills in the wrong password often. Leo says that's probably because David has multiple password managers and they are fighting. It's like antivirus software. It's best to have just one. Relying on the browser saving passwords isn't safe because that's not their main business and many have security flaws. David should use one password manager like LastPass, and it will input the right password.

Is there an Android app that could simplify the process of logging onto public Wi-Fi?

Episode 1457

Gary from Rancho Cucamonga, CA
LastPass on mobile

Leo says there's a new feature in Android Oreo 8.1 — it will let you know how fast a Wi-Fi access point is before joining it. Leo says any password vault should enter his password into the web portal when he signs in. Leo prefers using password vaults to any mechanism offered by the browser or phone itself. Password vaults will remember all of his passwords, and on Android, it will actually fill in the password automatically.

How strong is the encryption on Microsoft Office documents?

Episode 1456

Mike from Riverside, CA
Microsoft Office

Mike is wondering how good the encryption is in Microsoft Word and Excel documents. Leo says it's actually pretty good and that it's adequate, but not uncrackable. Leo says it's hard to crack stuff on the web when a service can slow the attacker down. But if someone can get a document that's locked and own it, there's nothing to stop them from trying a million passwords a second, and brute-force that document. Having said that, Microsoft has started using strong encryption on documents. The weak link will be the password.

Why can't I log into a website?

Episode 1455

Joy from Santa Cruz, CA
Username and Password

Joy signed up for a recipe website. She can log in with one computer, but not another. It says her password is wrong. Leo says it may be that the num lock is enabled. She should see if she can type into a word processing program to make sure she has the right password, and then cut and paste it into the password field. If that works, then it may be that the site thinks it's uppercase and therefore can't accept it.

What happened to my emails?

Episode 1455

Pat from San Diego, CA
Gmail

Pat woke up the other day and all her emails had vanished from her Gmail account. She uses her web browser to check her mail every day, clicking on "all mail," first, then deleting and emptying her trash. Leo says that she doesn't ever need to delete her email or empty the trash. Trash gets automatically flushed every 30 days. Leo suspects that Pat may have accidentally deleted more than she thought. For instance, if she hit command A, that will select everything and then delete. Unfortunately, Gmail is a cloud-based option and there's no real backup other than that.