Senior Tech Group
Getting Comfortable With The Basics

Program Notes for the 2nd week of the Month

We have no prerequisites on Mar 13, 2023, at 1 and 7 PM | Join Online Meeting > The Gadget Gurus. Just ask questions about previous topics. I will also review the current tech news. We will do our best to answer computers, smartphones, apps, cameras, tablets, and internet questions. So bring your tech issues and enjoy the meeting.
LastPass Data Breach Shows Why Plex Updates Are Important – By Review Geek Review Geek

Some quotes from the article:

  • Here’s the interesting thing; the “vulnerable third-party media software” exploited in this hack was Plex.
  • Plex tells Review Geek that this exploit was disclosed and patched in May 2020, at least 2.5 years before the LastPass breach.
  • You need to keep products up to date, and if a device in your home suffers from an unpatched exploit, you should take it offline.

Q: On Bitwarden, when using a PIN code, can it be used all devices MAC Desktop  Elaine G L
A:  You can use any PIN you want. I suggest it be at least six digits, not something like your birthday or phone number. The same or different PIN can be used for each device. Here is the Bitwarden Unlock with the PIN help page.

Q:  I changed the original Master PW for LastPass to the new PW and now changing all PWs in the vault. However, I had Authy Master PW (Authy Backups Password) stored in the LastPass vault when it was hacked.
Should I change Authy master PW (Authy Backups Password), and if so, how? I use Authy for BitWarden 2FA and don’t want to screw that up. John S Renn Jr.
.   > Here is the explanation of the terms used by Authy.
Authy Backups Password – Authy allows you to backup and sync your 2FA account tokens across devices. With Authy Backups, you can easily sync 2FA access to your essential online accounts between your phone, tablet, computer, and more.
The Master Password – in the Chrome, Windows, and MacOS Authy applications, you can set a password to lock your Authy app installation.
The Protection PIN on iOS and Android allows you to lock your Authy app with a 4-digit PIN code or a biometric scan.
A:  Yes, you should change any critical information saved in LastPass. – What is a Backup Password? Can it be recovered? A backup Password ensures that you always have secure access to your 2FA account tokens, no matter if you lose access to your devices, your Authy app, or your Authy account.
Can I reset my backup Password?  
Yes, resetting your backup Password by tapping on Change Password in the backup Password area of the Settings menu within the Authy app is possible. You must ensure all 2FA account tokens are decrypted on your device (No red lock icons). Once a user resets their backup Password on a device, all other devices with the Authy app for this user’s Authy account will require entering this new backup Password.

Can I use my backup Password on other devices?
Yes, once a backup Password is created, it can be used on any other device tied to the same account the user has an Authy app installed. If a user enters their backup Password on any other device, it decrypts their 2FA account tokens onto that specific instance of the Authy app.

Q:  What is needed to reinstall Authy or install it on a second device? Just an old phone # and master PW (a backup Password)? Stew R
A:  The phone number you used to signup for Authy is your User ID is used in conjunction with your backup Password. It will synchronize your vault to the device.
. > Here are the help pages.
.   > Reinstalling Authy and Restoring Access to your Account
.   > What is a backup Password? Can it be recovered?

Q: Is there a recovery code for Authy, like online accounts, or just for each token? Stew R
A:  NO – > Notice: Since the Backup Password is never sent to Twilio Authy or stored in our servers, we cannot recover your password.

Q: Is Bitwarden Doing Enough To Prevent Password Theft? – By Forbes
A: Article Conclusion: – No need to quit Bitwarden. Just be aware of the minimal risk should you enable the auto-fill feature.

  • If you use Bitwarden, “Auto-fill on page load.”
  • In the “Default autofill settings for the login items” option, choose “Do not auto-fill on page load.”
    This allows Auto-fill on page load for only a few items you can choose to enable (off by default for all and manually turned on for select items).
  • And ‘Default URI match detection’ should be set to Host or Exact,” this mitigates the attacks.

Note: These are the Auto-fill settings I use, and I only turn Auto-fill for a few login items.

   

Bitwarden Help – Auto-fill on page load is an opt-in feature.

 

Warning – This feature is disabled by default because, while generally safe, compromised or untrusted websites could use this to steal credentials.

Q: I don’t use a browser password manager, but some STG people should be advised of a vulnerability in those options. Jay
Warning: Don’t Let Google Manage Your Passwords – By Neil J. Rubenking PCM
A: When using a dedicated password manager, you should stop the browser from offering to save and fill passwords.
Here are Bitwardens instructions to disable a built-in password manager. – Most web browsers will automatically save your passwords by default, but experts generally agree that built-in password managers are more vulnerable than dedicated password managers.

Q: > 1. How do I set up SIM swapping prevention on Google Fi? Unfortunately, I can’t find a place to put in a password to prevent unauthorized sim transport. Stew R
A:  Protect your Google Fi number against SIM swaps – Your Fi number is tied to your Google Account. This means it has all the security protections of your Google Account.
.    > 2. Please demo how to set up a Google Voice number for cell phones and computers.
A:  Set up Google Voice – Google Voice gives you a phone number for calls, texts, and voicemails.

Tech News & Tips

Deals,  Sales & Reviews

Video Tips

Search This Site
Tech News by Topic
Recent Tech News & Tips
Links

Designed by Glenn.