Keeping Your Passwords Safe
Review advice, updates, and news from West Gate Bank!
February 11, 2021
Passwords are the keys to everything in our digital lives, which is why it's important to not only keep them safe, but select passwords that are secure from the moment you start using them. The importance of using secure, unique passwords is growing as you entrust increasing amounts of personal information to organizations and businesses that can fall victim to data breaches and password leaks. While you may be unable to prevent a large-scale data breach, you can take the precaution of making sure you craft strong usernames and passwords for your online accounts.
How to create a strong password
Follow these tips to help craft unique, complex passwords.
1. Do not use personal information
Don’t use your name or names of family members or pets in your passwords. Don’t use numbers like your address, phone number or birthdays. These can be publicly available, on forms you fill out or on social media profiles, and easily accessible to hackers.
2. Do not use real words
Password cracking tools are very effective at helping attackers guess your password. These programs can process every word in the dictionary, plus letter and number combinations, until a match is found. Steer clear of using real words from the dictionary or proper nouns or names.
Instead, you might try creating a “passphrase” that combines words, numbers and/or special characters to increase the difficulty of discovery by hackers. For example, build a passphrase using your favorite song, movie title, phrase or saying and include numbers and special characters.
3. Create longer passwords
The longer the password, the harder it may be to crack. Try for a minimum of 10 characters.
4. Don't write them down
Resist the temptation to hide passwords under your keyboard or to post them on your monitor. Stories about hackers getting passwords by rummaging through trash, also know as dumpster-diving are real.
When you type your password in a public setting, make sure no one is watching or looking over your shoulder.
One way to store and remember passwords securely is to use a password manager that keeps your list of usernames and passwords in encrypted form.
5. Change passwords on a regular basis
Passwords for your online financial accounts should be changed every month or two. Computer login passwords should be changed at least once a quarter. Using the same password for longer periods could put your information at risk if a data breach occurs.
6. Use different passwords on different accounts
Don't use the same password on more than one account. If a hacker cracks it, then all of the information protected by that password on other accounts could also be compromised. Use a password generator to help create unique and strong passwords.
7. Do not type passwords on devices or networks you do not control
Never enter your password on another person's computer. It could be stored without your knowledge. When using your devices on public Wi-Fi, you should avoid visiting websites that require you to log in to your account, such as online banking or shopping. When you're on an unsecured public network, your unencrypted data could be intercepted by a nearby hacker. To protect yourself from these threats, you should always use a virtual private network (VPN) when on a public Wi-Fi connection.
Extra security for your passwords
Two-factor authentication and how it works
Two-factor authentication, or 2FA, is a method of verifying your identity that adds a second layer of security to your account password. Types of two-factor authentication can include any of the following:
- Something you know: a PIN number, password, or pattern
- Something you have: an ATM or credit card, mobile phone, or security token
- Something you are: a biometric form of authentication, such as your fingerprint, your voice, or your face
With two-factor authentication (2FA), you get an extra layer of security that hackers may not be able to crack as easily, because the criminal needs more than just the username and password credentials. You may already be using 2FA without realizing it. Your ATM card is an example, combining your physical card and your PIN.
Remember that nothing is 100% secure, and even 2FA can be vulnerable to hackers. If a cybercriminal gains access to the email account associated with your 2FA information, they could reset your password by selecting “Lost/Forgot password” on a given site’s login page. This password recovery option could completely bypass 2FA and allow the hacker to create a new password, locking you out of your account. Be sure to monitor your email account for messages requesting password changes.
For even more information on password security and "10 Mistakes that Will Get You Hacked", check out this video from our partners at Ascend Technologies, a leading Midwest IT partner and experts in cybersecurity.
*This article provides educational information for you. The tips provided may not cover or protect against every type of crime, fraud, or threat we write about. Our goal is to increase awareness about cyber safety. Information for this post was taken from Ascend Technologies, Norton.com and CNET.com.