This week, Evernote announced on their blog that they've been hacked. Fortunately, all hackers were able to get was usernames and passwords. So Evernote too the step of resetting everyone's passwords so that they would have to change their password to get online. (this is called hashing and salting).
Leo's favorite information and note taking app, Evernote, has been hacked in what appears to be a coordinated attack. According to the Evernote Blog, "The investigation has shown, however, that the individual(s) responsible were able to gain access to Evernote user information, which includes usernames, email addresses associated with Evernote accounts and encrypted passwords. Even though this information was accessed, the passwords stored by Evernote are protected by one-way encryption.
Terry can't remember the password for iHeartRadio. How can she access the file that allows her to remember it? Leo says that Firefox stores saved passwords in clear text, which Leo says is a flaw that's just begging to be exploited. Go into Firefox, Options, Security, Saved Passwords. Show Passwords. She should just hide them after she's done.
Leo says that there's a setting in IE under options to allow or disallow it to remember passwords. He'll also want to be sure the site he's logging into allows for remembering username/passwords (which get saved in cookies). Also, if his browser is set to delete cookies when he closes out, that'll log him out as well.
Bob bought a computer from a military sale and he can't get it to run because of a password authentication issue. Leo says that there's a password in the BIOS which prevents someone from turning the computer on. That's not surprising, considering it's a military computer. One thing he can try is removing the lithium ion battery that will power the bios. Or he may have to reset jumpers. Considering the military had it, James may be out of luck cracking that password.
Luckily, Windows XP wasn't all that secure, and it's relatively easy to get into the computer.
First, she should try logging in with "admin" as the username and leaving the password field blank. She also could try booting into safe mode. Since neither of those worked for Naomi, she'll have to look for a program that will hack into it.
Leo says some viruses have keystroke loggers built in that "phone home" with your passwords, but it doesn't look like Babylon does that. If he's worried, though, then he shouldn't take a chance. He should change his passwords regularly. Leo also advises using LastPass, which will generate passwords that are impossible to defeat. Then he'd only have to remember the LastPass password.
The best solution for password management according to Leo and security guru Steve Gibson is LastPass. There is a free version and a pro version for only $1 a month. This way, Ann will only have to remember one password and still have different, secure passwords for each site she goes to. The reason Leo says people don't have good passwords is because a good password is hard to remember. It's not a good idea to use simple passwords, or the same password for multiple sites.