passwords

Twitter Error Results in Passwords Being Stored in Plain Text

Twitter login

Episode 1486

Twitter sent an email to its 330 million users recommending that they change their passwords. This is because of an error that caused user passwords to be stored unencrypted and in plain text. While this was a big flaw, Twitter is being praised for disclosing the information immediately so users can take action to protect their accounts.

Read more at Reuters.com.

How can I reset my Windows 10 password?

PCunlocker

Episode 1476

Steve from Radondo Beach, CA

Steve forgot the password on his all-in-one Windows 10 machine. Leo says that can be a serious problem in Windows 10. But since Steve used his Microsoft account to log in, he can change the Microsoft password and he should be able to make it work. Microsoft also has a utility called MSDaRT, which has a feature called Locksmith Wizard that will reset his Windows 10 password. Third party utilities include PC Unlocker.

Why doesn't my password vault input the right password?

LastPass

Episoide 1473

David from Florida

David uses a bunch of different browsers and everyone wants to save his passwords. It seems easier, but he says that it fills in the wrong password often. Leo says that's probably because David has multiple password managers and they are fighting. It's like antivirus software. It's best to have just one. Relying on the browser saving passwords isn't safe because that's not their main business and many have security flaws. David should use one password manager like LastPass, and it will input the right password.

Is there an Android app that could simplify the process of logging onto public Wi-Fi?

LastPass on mobile

Episode 1457

Gary from Rancho Cucamonga, CA

Leo says there's a new feature in Android Oreo 8.1 — it will let you know how fast a Wi-Fi access point is before joining it. Leo says any password vault should enter his password into the web portal when he signs in. Leo prefers using password vaults to any mechanism offered by the browser or phone itself. Password vaults will remember all of his passwords, and on Android, it will actually fill in the password automatically.

How strong is the encryption on Microsoft Office documents?

Microsoft Office

Episode 1456

Mike from Riverside, CA

Mike is wondering how good the encryption is in Microsoft Word and Excel documents. Leo says it's actually pretty good and that it's adequate, but not uncrackable. Leo says it's hard to crack stuff on the web when a service can slow the attacker down. But if someone can get a document that's locked and own it, there's nothing to stop them from trying a million passwords a second, and brute-force that document. Having said that, Microsoft has started using strong encryption on documents. The weak link will be the password.

Why can't I log into a website?

Username and Password

Episode 1455

Joy from Santa Cruz, CA

Joy signed up for a recipe website. She can log in with one computer, but not another. It says her password is wrong. Leo says it may be that the num lock is enabled. She should see if she can type into a word processing program to make sure she has the right password, and then cut and paste it into the password field. If that works, then it may be that the site thinks it's uppercase and therefore can't accept it.

What happened to my emails?

Gmail

Episode 1455

Pat from San Diego, CA

Pat woke up the other day and all her emails had vanished from her Gmail account. She uses her web browser to check her mail every day, clicking on "all mail," first, then deleting and emptying her trash. Leo says that she doesn't ever need to delete her email or empty the trash. Trash gets automatically flushed every 30 days. Leo suspects that Pat may have accidentally deleted more than she thought. For instance, if she hit command A, that will select everything and then delete. Unfortunately, Gmail is a cloud-based option and there's no real backup other than that.

How do I recover my Facebook password?

Facebook

Episode 1454

Brad from San Jose, CA

Brad wants to know how to recover his brother's Facebook account without using his email. Leo says that there's an extreme account recovery system that involves sending a picture, and then Facebook will reset it. Here's how to recover his account on Facebook.

Leo also recommends using a password vault. LastPass is what he uses, but there's also 1Password. Then all he needs to do is remember one password.