A recent study done by Google on its security blog comparing the security practices of regular users versus the security experts. Regular users said antivirus topped their list of security priorities, followed by using strong passwords, changing passwords frequently, only visiting websites they know, and not sharing personal information.
Security experts' say installing software updates is the number 1 priority, followed by using unique passwords, use two-factor authentication where its available, use strong passwords, and use a password manager.
Jack wants to password protect a thumb drive. Leo says one way he can do this is to encrypt the drive. He can also use BitLocker in Windows to do it. He can just right click the thumb drive and select the encrypt option. A third party option is TrueCrypt.
On June 15, 2015, password manager LastPass made an announcement that its password database was hacked and some user account information had been stolen. Since LastPass has uses encryption and many layers of protection to slow down hackers, the damage will be minimal for LastPass users. While the hackers may have obtained the database of master passwords, they still don't have immediate access to everyone's passwords. That information has been encrypted, salted, and hashed, so it would take quite a bit of effort to break into it.
Vicky works out of her house in California, while her office is back East. Since they've added McAfee on her computer, her passwords aren't being saved in her browser. Leo's not a fan of McAfee, but since Vicky has no choice, she should check her settings to see if there's something triggered that's preventing it. Can she use post it notes? Leo says sure, because she works at home and that's not going to hurt. She can also keep a notebook.
John's router from the ISP is very easy to get into, and there's no way to change the password. Will LastPass protect him from a brute force attack? Leo says LastPass will only help him if he's able to change the password on the router. Then he could use LastPass to generate a secure password and store it for him. Leo says if he can turn off WLAN Administration, then he should at least do that. Even if an outsider were to log into his router, they only could really change the settings. But this still isn't a great solution.
If you've had your email account hacked, then it may be time to take further security measures to keep it from happening in the future. Here are some simple steps you can take right now to better secure your account:
- Change your account password
Brad hears that you don't have to use your fingerprint for Apple's Touch ID -- you can actually use other body parts. Knuckles, palms, and even noses can work. Some guitar players or construction workers who have callouses on their fingers may not be able to use fingerprints. So for those people, they need to think outside the box.
Patrick is frustrated because Touch ID doesn't work on his iPhone 6. He's had his phone replaced and it still doesn't work. It recognizes his fingers for a day or two and then it stops. Leo says that there was an issue with "fingerprint rot," where the reader capability degrades, but Apple fixed that in iOS 8. So it shouldn't have an issue. If Patrick's fingers are clammy or wet, it won't work. His hands need to be bone dry.
George wants to know of a way to use his computer without having to use a password or user name because he keeps forgetting them. Leo says that passwords don't work. We have to remember them, so we tend to make weak passwords and use them on multiple sites. Steve Gibson has an idea called SQRL (Secure, Quick, Reliable Log In). The idea being that a smartphone app will automatically authenicate using a QR code so it just lets the user right in. Great idea, but behind the scenes it's a lot more complicated than that.