Financial Tips

Password Safety Tips

Passwords are the first line of defense against unauthorized access to your computer, smart phone or tablet and even more importantly, to your personal information! The consequences if this occurs can include loss of your valuable data, access to your bank account and money, or even the potential to steal your identity! One of the most simple and common ways hackers break into your devices and computers is by guessing your password. Here are our top ten tips to keep your password secure:

1. Keep your password private— Don’t share your password with anyone under any circumstance!
Even if you trust someone, you should never give out your password. Your communications could be intercepted, the other person may write your password down or save it somewhere, or the other person’s computer may be infected with malware.

2. Always use long, complex passwords.
Passwords that can be found in a dictionary can be cracked in seconds. Hackers like to use password cracking programs to guess your password by trying every combination of numbers, letters, and special characters. To guard against these password cracking programs, use long & strong passwords— the longer the password, the harder it is to crack. Make sure it always contains a combination of upper and lowercase letters, numbers, and special characters like “&” and “%”. When not using multi-factor authentication (MFA), it is wise to use a password length of 16 characters or more. 

3. Create passwords that can’t be easily guessed.
If your password can be easily guessed, it weakens the security and might lead to a costly breach. Don’t choose passwords that use birthdays, children’s names, anniversary, pet’s names, hometown, or favorite sports team could all be easily gleaned from social media accounts or other sources. Attackers search the social media websites for personal details like these and try them as passwords.

4. Use a sentence or passphrase.
Think of a sentence or phrase that is easy to remember but hard for someone to guess, or turn your favorite quote into an acronym.  Longer is stronger, so opt for passphrases rather than passwords. 

5. Consider using a password manager to keep track of your passwords.
Do not write your passwords on sticky notes that can be seen by others, or store them on your computer in clear text. Instead, consider using a secure password manager—an encrypted vault for storing passwords that is protected by a master password.  Most password managers also have the ability to generate passwords for you.  Make sure to use a very long and complex password for your master password.    

6. Do not use simple adjacent keyboard combinations.
Also known as keyboard progressions, these are easy to crack.  Examples of these include, “qwerty”, “12345”, and “1qaz”.

7. Change your password immediately if you suspect it may have been compromised.
If you notice strange activity on your account, immediately change that account’s password, and never use the same password for multiple accounts.

8. MFA all the way.
Passwords alone cannot always provide sufficient protection. Use two-factor authentication for sensitive accounts. Multi-factor authentication is a special type of security that involves two separate types and stages of authentication. Usually, two-factor authentication uses something you “have” along with something you “know”. ATMs use multi-factor authentication by requesting your ATM card and your PIN. Many online accounts require two factors: a password and a verification of your identity with your phone or another device with a one-time passcode. Other forms of multi-factor security authentication might include a token or a removable media device, such as a USB drive.

9. Do not re-use important passwords— Use unique passwords for each account.
If you use the same password for multiple accounts, you increase your overall risk. The breach of a single account could potentially lead to the breach of all of your accounts. When a hacker knows your username and password on one service, the hacker will try the same login information on other services. To thwart these types of attacks, use unique passwords for every account you have and change them often. Email addresses, personal banking, your Amazon account, cable and internet services, mobile devices, personal computers and all your other online shopping accounts should all have separate passwords.

10. Public computers may be infected with malware or have other security issues. Never enter your username and password on an untrusted computer.
Public computers, such as those at hotel business centers, libraries or Internet kiosks, may not be appropriately secured. They could be infected with malware, which could potentially steal your password. You could also forget to log out, leaving your account vulnerable to intrusion. To avoid this, don’t log into your account on a public computer. When traveling, always use a secure Internet connection.