security

Twitter Error Results in Passwords Being Stored in Plain Text

Episode 1486

Twitter login

Twitter sent an email to its 330 million users recommending that they change their passwords. This is because of an error that caused user passwords to be stored unencrypted and in plain text. While this was a big flaw, Twitter is being praised for disclosing the information immediately so users can take action to protect their accounts.

Read more at Reuters.com.

Why isn't scrolling working properly when I visit Facebook?

Episode 1482

Jerry from Anaheim, CA
Facebook

When visits Facebook, he's been having issues where the page scrolls on its own. Leo says if it happened everywhere, it could be a stuck down key, but since it only happens on Facebook, that's an indicator for software. Could someone be taking over his account? Leo says probably not. Just in case, however, he should go into his Facebook settings and turn on 2nd factor authentication. Then if someone tries to hack his account, it'll send him a notification asking if he's logging in. If it's not him, they can't log in.

Has my iMac been compromised?

Episode 1478

Adam from Pasadena, CA
Apple iMac

Adam bought an iMac from a private seller. It still had Apple Care and he had it transferred to his name. He's worried that there was a keylogger on it and his credit card was compromised. Leo says that unless he wiped the computer himself, he won't know if it's compromised or not. Leo says that it's probably not the Mac, but just in case, Adam should wipe the drive himself. It's really easy to wipe an iMac drive and reinstall the OS. It could be that Adam's iCloud account has been compromised.

How can I securely erase an SSD?

Episode 1476

David from Hollywood, CA
Hard drives

Dan's computer was damaged and Acer is going to replace it, but he's worried about the data on it. How can he wipe the data? Leo says that there's a program called DBAN - Darik's Boot and Nuke that can wipe the drive pretty thoroughly. But Dan should understand that an SSD doesn't format the way a spinning hard drive does, and there can and will be some data leak, where someone could grab the data if they're really motivated.

Is my Chromebook secure for online banking?

Episode 1476

Ray from Homosassa, FL
Samsung Chromebook Plus

Ray has a Chromebook and he wants to use it for online banking. When he logs into his account, though, it doesn't take his password. He has reset the password, but after one login, it locks him out. Leo says that Ray is probably not inputting the right password. He could be mixing up a few letters. Using the Chromebook's autofill feature would be a good idea. That way, the first time he logs in, it will remember it. And the Chromebook is very secure, so Ray shouldn't need to worry about security.

Is it more secure to have my devices connected to a separate guest network?

Episoide 1473

Andre from Irvine, CA
Plume Wi-Fi

Andre has a few Nest devices connected to his router, and one is connected to a guest network. Is that more secure? Leo says no. While guest access doesn't have access to passwords, they do have access to his entire network. Nest is secure, though. Plume offers a great feature - internet-only access to a guest network.

How can I email files securely?

Episode 1471

Fred from Fort Worth, TX
Email

Leo says that Fred is right to be concerned about the security of sending emails because the contents of the messages can be read along the way. If the email is going from one Gmail address to another, however, it would be secure. Ultimately, though, Leo doesn't recommend sending attachments at all. Opening attachments is how most people end up getting infected, and it doesn't just affect that person either. It will spread to all of that person's contacts, affecting their family, business, and the internet as a whole.

Why isn't Malwarebytes working for me?

Episode 1458

Don from Culver City, CA
Malwarebytes

Don is having issues with Malwarebytes. Leo says that if he's experiencing issues with Malwarebytes, there's a good chance that he's been infected. The first thing a malware creator will do is disable online security software and prevent access to those sites in the browser. That's one of the reasons why Leo doesn't like third party antivirus apps. Leo recommends using Microsoft Security Essentials/Windows Defender.

Is there an Android app that could simplify the process of logging onto public Wi-Fi?

Episode 1457

Gary from Rancho Cucamonga, CA
LastPass on mobile

Leo says there's a new feature in Android Oreo 8.1 — it will let you know how fast a Wi-Fi access point is before joining it. Leo says any password vault should enter his password into the web portal when he signs in. Leo prefers using password vaults to any mechanism offered by the browser or phone itself. Password vaults will remember all of his passwords, and on Android, it will actually fill in the password automatically.