How passwords and screenlocks help protect you

• I could go on for hours about things to think about with passwords. Maybe the top two is that initially a password needs to be unique on every different site. And the reason for that is that if you share a password, if you use the same, you know, your kid's middle name as the password on three different sites and any one of those gets broken into, now the attackers know your password to use elsewhere. And, unfortunately for many of us, you know, there are these rules. You need to use capital letters and symbols and punctuation and numbers, and it becomes impossible to remember. So what many people do is they come up with one strong password and then use it everywhere. And that's really a bad idea because again, you're vulnerable if it gets reused. If any of those sites gets compromised, now it's out there in the open.

So instead, what we recommend is to use a password manager, which is an app that remembers and then auto-fills wherever you go. We have the Google password manager; it's built into Android, it's built into Chrome. But other OS makers, other, you know, vendors have their products. There's third-party ones that are both free and paid. Again, you know, you might get what you pay for, so don't just take anything out there. But if it's coming from Google, if it's coming from one of these big companies, that's much, much better than memorizing and reusing that same password in multiple places.

• And that makes a ton of sense. I mean, when we talk about the passwords for different websites, but what about, you know, getting into your device or, you know, your smartwatch or whatever? You know, and now you have other options. You can, there's biometrics, your thumbprint, or your face scan and all of that. Does it matter or is it, hey, this is pretty low risk that, you know, some spy from another country is going to get access to my phone, so I should just, you know, it's just really to keep my kids out?

• Yeah, so I mean, it depends. For most of us, what we're dealing with on device screen locks is that I left it in a taxi or a roommate or family member picked this up. And so then the threat model is pretty constrained. And it generally is okay to reuse, you know, to use a simple PIN or a biometric. Now you do have to think about who else has access to it. In my own household, I have very smart kids; they watch Khan Academy videos, they've learned a lot. And so if I set the same thing for my watch, my wife's watch, my tablet, my phone, and they shoulder surf any of those, we have that same problem of, you know, once it falls in one place it goes everywhere. For the most part though, I'm not that worried about that.

• I have to say my oldest son, if there was like an Olympics for this, he would be a medalist. He can't help it. He knows he, but if someone, if you're in the room, he somehow knows exactly what you typed in. So anyway, yes, beware. And I think he's a force for good, but there might be—

• Yeah, I mean, foreign spies and 10-year-old kids, like there's a, you know, interesting Venn diagram there.