Brad accidentally downloaded some malware, but he can't find it to remove it. Leo says downloading a file is only half the equation. He then would have to run it. Since he can't find it, even in his download log, it's likely it was a failed download. On top of that, Brad runs a Mac, so he's even more secure than Windows. But he should always make sure he keeps his computer updated, just in case.
Mike is wondering how good the encryption is in Microsoft Word and Excel documents. Leo says it's actually pretty good and that it's adequate, but not uncrackable. Leo says it's hard to crack stuff on the web when a service can slow the attacker down. But if someone can get a document that's locked and own it, there's nothing to stop them from trying a million passwords a second, and brute-force that document. Having said that, Microsoft has started using strong encryption on documents. The weak link will be the password.
Adrian's wife did a sliding pattern to lock her mobile phone and now she can't remember it. How can she unlock it? Leo says that in theory, Android doesn't want to give users a way around it, otherwise it would be useless for security. However, it's possible that if she has a Samsung account, she could have it backed up. There's also a way to do it by connecting it to a PC running Android Device Manager. Through that, she could unlock the phone.
Antonio signed up for Google Docs and he's been offered Norton to protect his files. Leo says he hates antivirus, and Norton is one of the worst. Leo recommends staying with Microsoft's Defender and keep it updated. At the end of the day, it's his behavior online that will be the last line of defense. So, here are a few things he can do to protect himself online:
Mike's Coinbase Bitcoin wallet has a corrupted IP address to it and he's worried his wallet has been hacked. Leo says he can't have two IP addresses on an account. Leo says that the ISP may be at fault here and Mike should log into his Coinbase wallet and make a screenshot of the error messages. Then he should contact his ISP and show them the evidence. They need to fix it. Leo also says he should change his Coinbase password just in case. It's possible something nefarious is afoot.
Leo has talked a lot on the Tech Guy show about using two factor authentication wherever possible to ensure the security of your online accounts. Two factor authentication requires more than just a 1 factor to login. This could include two of the following: something you are (such as biometrics like fingerprints or iris scans), something you know (a password), or something you have (a smartphone or hardware key). This could be called many things, including “Two-Step Verification” and “Two-Factor Authentication” depending on the site.
There's a botnet called "Reaper" that has been growing at an alarming rate. It's a network of compromised devices, mostly routers, that is likely in the millions. We don't know who is doing this, or who's controlling it, and we can't stop them from doing it. It's sophisticated enough that it could be a nation and not just an individual. We still have no idea what it could be used for, either.
Carlos wants to know about biometric behavioral passwords. Leo says that the idea has been around for awhile. Google uses gate analysis to know if you're the one holding the phone. It could be the future.
Karen has a Samsung Phone and Tablet and she is getting a popup in her phone that will allow her apps access to her phone data. Leo says that Android works by requiring permission to do things as she needs them. So when she's opening an app to do something, the app is requesting access in order to do what she wants it to do. That kind of behavior is OK, but if it's out of nowhere, then she's right to be suspicious.
Tom wants to know where he can find a YubiKey, and whether or not it's accessible for the blind. Leo says they are accessible, and he can get it at yubico.com. This is a little USB device that plugs into a USB port, and the computer sees it as a keyboard. The YubiKey will light up, and then press the button on the key. Just make sure the cursor is in the correct field that it will need to fill, and it will fill in the password. This doesn't work for an iPhone, however, because it doesn't have a USB port.