Twitter sent an email to its 330 million users recommending that they change their passwords. This is because of an error that caused user passwords to be stored unencrypted and in plain text. While this was a big flaw, Twitter is being praised for disclosing the information immediately so users can take action to protect their accounts.
Steve forgot the password on his all-in-one Windows 10 machine. Leo says that can be a serious problem in Windows 10. But since Steve used his Microsoft account to log in, he can change the Microsoft password and he should be able to make it work. Microsoft also has a utility called MSDaRT, which has a feature called Locksmith Wizard that will reset his Windows 10 password. Third party utilities include PC Unlocker.
David uses a bunch of different browsers and everyone wants to save his passwords. It seems easier, but he says that it fills in the wrong password often. Leo says that's probably because David has multiple password managers and they are fighting. It's like antivirus software. It's best to have just one. Relying on the browser saving passwords isn't safe because that's not their main business and many have security flaws. David should use one password manager like LastPass, and it will input the right password.
Melanie's email account was hacked so she changed her password and set up 2-factor authentication. Now when she logs in, it tells her there's been "too many attempts" and it logs her out. Leo says that there is a Google help chat where she could get it reset. There's also a phone number that she can call. She should check under Google Help.
Walter wants to know if he can install LastPass into his browser to save his passwords online. Leo says there's a LastPass browser plugin that does just that thing. Then he can let LastPass choose his passwords.
Leo says there's a new feature in Android Oreo 8.1 — it will let you know how fast a Wi-Fi access point is before joining it. Leo says any password vault should enter his password into the web portal when he signs in. Leo prefers using password vaults to any mechanism offered by the browser or phone itself. Password vaults will remember all of his passwords, and on Android, it will actually fill in the password automatically.
Mike is wondering how good the encryption is in Microsoft Word and Excel documents. Leo says it's actually pretty good and that it's adequate, but not uncrackable. Leo says it's hard to crack stuff on the web when a service can slow the attacker down. But if someone can get a document that's locked and own it, there's nothing to stop them from trying a million passwords a second, and brute-force that document. Having said that, Microsoft has started using strong encryption on documents. The weak link will be the password.
Joy signed up for a recipe website. She can log in with one computer, but not another. It says her password is wrong. Leo says it may be that the num lock is enabled. She should see if she can type into a word processing program to make sure she has the right password, and then cut and paste it into the password field. If that works, then it may be that the site thinks it's uppercase and therefore can't accept it.
Pat woke up the other day and all her emails had vanished from her Gmail account. She uses her web browser to check her mail every day, clicking on "all mail," first, then deleting and emptying her trash. Leo says that she doesn't ever need to delete her email or empty the trash. Trash gets automatically flushed every 30 days. Leo suspects that Pat may have accidentally deleted more than she thought. For instance, if she hit command A, that will select everything and then delete. Unfortunately, Gmail is a cloud-based option and there's no real backup other than that.
Brad wants to know how to recover his brother's Facebook account without using his email. Leo says that there's an extreme account recovery system that involves sending a picture, and then Facebook will reset it. Here's how to recover his account on Facebook.