‘Don’t use the same password’: Watch how easy it was to hack this CNN reporter

Three years after being challenged to hack the personal data of CNN's Donie O'Sullivan, cyber security expert Rachel Tobac demonstrates how vulnerable his online passwords continue to be. #CNN #News

49 comments

    1. That’s why every site, at least every one I can remember having set up 2FA on, gives you a bunch of one-time use emergency passwords as a backup. Plop those into your password manager and have no worries.

    1. I still believe technology is flawed and anybody can get into anything if they want to; the veil can always be pierced!!
      I am old-fashioned and I still like to write things down and have them tucked away where nobody can find them. If it’s on a password manager, who’s to say it cannot be found? Makes no sense to me; it’s the same as hacking a password.

    2. @John Thank you John.
      I have actually never run one before.
      In my defense I was in high school when we got our first microwave.
      I did know how to set the VCR clock so I thought I was all good.
      All I run is a VPN. I will be looking into downloading something asap.

      I have 3 pages of passwords currently.

    3. @Living in the Forest I sound just like you.
      All my passwords are written down on 3 sheets of paper.
      I will not even type them up and print them because I do not want any trail. 😂😂

  1. You ARE NOT supposed to use the same password for everything. You ARE NOT supposed to even remember them. Your browser will generate for you passwords where you pick how many characters, upper, lower case, numbers, and special characters. In fact, passwords will disappear very soon! There are websites where you type your email, and they send you a security code, you copy and paste it into the website and then you are logged in. No password is needed. 😉

    1. How could your email service email you a security code to get into your email though? Gotta have a password somewhere.

  2. The recommendations are easy:

    1. Use a password manager (I recommend Bitwarden)

    2. Use passwords that are 16 characters minimum and are randomly generated by the password manager

    3. Use 2 factor authentication wherever possible (TOTP is better than SMS, and I recommend Authy or Microsoft Authenticator).

    4. Never reuse passwords

    5. If you’re in a situation where you must have a password be easy to remember, have the password manager create a passphrase that is 7 randomly generated words long. Still do not reuse this password.

    Yes those are a bit confusing to learn about but look into them and you will be infinitely safer than 95% of people getting their info leaked in a breach.

    1. Password managers can get hacked too and all the passwords are revealed.

      2 factor authentication should be made mandatory for the type of accounts most of us have and provide access to multiple important services (Google, Microsoft, etc.). In the EU it’s already mandatory, for example, in the banking industry. The rules have a good balance between practicality and security: to log in you only need to enter an SMS code every few months, but you need to enter it every time for transactions above x amount, to change your password, etc.

    2. You are screwed if you don’t actually remember any of your passwords because they are all generated by a program if the main device you use which has the information gets compromised/inaccessible/corrupt since when you don’t remember your password and you’re trying to reset a password it will always ask you for your old password. Which of course you won’t remember since it’s auto-generated random and long.

      My best recommendation is to write down all of your passwords and hide it somewhere.

    3. @John Dor my cousin works in IT and has over 600 passwords so writing them down and hiding them wouldn’t be practical. I used to do that, but at around a hundred passwords it was too much for me

  3. If companies were held accountable by the government, this would stop overnight. It’s because there are no penalties. Call your legislators.

    1. Legislators are ignorant about this, will only make things worse.
      The problem can’t be addressed only by legislation. For example, if you used an easy to guess password, who should be held accountable exactly? You? You can prevent some hacking but not all.
      The solution is technical, but requires industry wide adoption and for users to cooperate.

  4. Would not use a password manager if you are a non tech person or elderly. Working in a tech repair shop I can’t count the number of times a customer comes in and they get tricked into letting someone on their pc and the password managers allow access to all accounts and make it easy to get bank accounts.

    1. I got tricked into giving access to my Google. Usually wouldn’t happen but I was busy/distracted when it happened. That gave them access to content of my entire password manager!

  5. Friends don’t let friends use Windows. Or similar passwords. Use a long and complicated password. And an open source operating system. Stay safe.

  6. But what happens if your password manager is hacked? My Google was hacked, and Google was my password manager, so that does not seem safe to me. Now Microsoft Edge wants to manage my passwords and I feel the same way: how is that safe?

  7. Also, use a service that checks those various “dark web” hacker sites that have the password lists and can tell you that any of your passwords have been compromised. If you’re using an online password manager make sure you’ve got MFA on that when you’re making a connection from a new device.

  8. Our phones should be password encrypted… Thus if we check our accounts from our phones we should be 100% safe

  9. Mostly the bad people do online orders and store pickups, thus they get away with it. I was hacked once; the hackers set up accounts at Walmart, then picked up the goods in another state. They got a bit over 2500 in goods. I caught the charges and had to change passwords. Thing is, I never had a Walmart account, not before or after. So be careful: check your bank transactions carefully and often. I do every few days.

  10. Missed opportunity to talk about the upcoming industry standard *Passkey,* supported by Google, Apple and soon Microsoft.
    This is a very recent technology, so not fully supported yet, but will eliminate the need for passwords across devices.
    Also *Security Keys,* supported by Amazon, Facebook, Google, Apple, Microsoft and others available today. Combine a Security Key + Passkey and you will get top-grade 2FA security with no passwords.

  11. Seniors are vulnerable to social engineering and have retirement accounts to safeguard. Seniors also get into the cycle of frequently resetting forgotten passwords. It can take a psychological toll. Please get and use something like 1Password or LastPass protected with fingerprint or face recognition to manage passwords and safeguard your information and do not let anyone you don’t know remote-control your devices for any reason whatsoever.

    If you get an unusual email or error message or phone call:

    1. Stop.
    2. Call your trusted tech support person.

    It is really worth learning to protect your sanity and your accounts.

  12. Mr O’Sullivan has been a brilliant addition to the reporting team at CNN. Also just love the use of It’s Always Sunny in Philadelphia music.

  13. But no one answered the question, “How safe are the password managers?” If yahoo, and other sites, can be compromised, why not the password manager?
