Buzz is having a problem with 2 factor authentication on Apple's Mail app. He is able to input his password, but it won't take it. Leo says that Apple should create an authenticator program that can be used to verify user identity that can then be texted to him. That way, he's protected. If he's having trouble with it, Apple is really the only one that can solve the issue. It may be that his password has been changed and he forgot.
Mike is worried that Google has all of his banking information. Leo says it's not to worry about. They don't have it. If anything, his browser has that information and that's much more dangerous. It may be a good idea to reset his browser to get rid of all that. Then turn on second factor authentication to make sure that any attempt to change his password or access his account will be stopped. Mike shouldn't worry about Google, though. They're quite secure, and Chrome is a secure browser.
Caleb wants to know if it's safe to use the same password across different web accounts. Leo says no, because once one site gets hacked, they can use that password information to guess the passwords for other sites. Many do this, and it's how the Turkish Crime Family was able to hack over a million iCloud accounts. Password vaults make different passwords for every site and you have only one password to open the vault. But that's not on the internet anywhere, he'd just remember that. It's much safer that way.
Brian has tried several password vaults and he finds them all inconvenient. His frustration is that using his mobile device doesn't always work so well. He ended up on LastPass. Is that a good choice? Leo says yes. It's the one he uses. 1Password is another one, and it has the advantage of being able to save the vault somewhere else.
It should go without saying that having a current backup of your computer is an essential preventative measure in case the worst happens. But there's another very simple step you can take that can potentially save you a lot of headache -- create a secondary administrator account. Make sure that account is pure and is in the default Mac or Windows configuration.
Mark wants to know if password vaults are safe and what the best one is to get. Leo says yes, they are best because they generate impossible to remember passwords and keep track of them, so Mark would only have to remember the one password to open his vault. Leo uses LastPass. There's also 1Password. It's a valuable tool that everyone should use.
Frank has been using the same password for years and now suddenly the password won't work on his Windows Surface. Could the hard drive be going out? Leo says that it's more likely a keyboard issue. He should check the CAPS lock, SCROLL lock and NUM lock to make sure they aren't enabled. Another thing to do is enable the feature that will allow him to see his password as he types it.
Mike is worried about the Turkish Crime Family's iCloud hack. If he changes his password, couldn't they just hack it again to get them? Leo says that Apple has said it hasn't been hacked, and even if it had been, the hackers would have to "rehack" the system to get them. If Mike has turned on two factor authentication, they can't use his password anyway.
It's annoying to use two-factor, but it's the best last line of defense to prevent his account from being compromised. Also, he can use his TouchID on a new MacBook Pro and his iOS devices to insure verification.
The Turkish Crime Family is threatening to release hundreds of millions of iCloud account names and passwords if Apple doesn't pay them a ransom of millions of dollars. To prove it, they gave ZDNet 54 samples to confirm it. Apple, however, says they have never been hacked. But Leo says it's important for iCloud users to change their passwords just in case. While you're at it, if you haven't turned on two factor authentication, it would be a good idea to do that as well.
Kirk created an administrator password and has forgotten it. Leo says that if he created it with his Microsoft account, he can recover it. But if he didn't, then there are ways to crack a Windows 10 login. He can use OphCrack or ConBoot to get around it. Here's a few articles to can show him how: