August 17, 2021
Categories: Education, Financial Security, Protecting Your Accounts, Safety & Security, Scams & Fraud, Tips
Think about all the digital accounts you have and use. Chances are, you bank through an app, pay people from your phone, shop online, and use social media and email. These accounts usually contain personal information such as credit card information, account numbers, your birthday, address or phone number. Passwords are the gateway to that personal information, so it’s important to do all we can to thwart hackers trying to find and use those passwords.
As each of us increases our number of digital accounts, we have more passwords to keep track of than ever. According to a 2020 Nordpass study, the average American has 100 passwords. That’s a lot to keep track of! No wonder we use passwords that are simple to remember. To make it easy on ourselves, some of us resort to frequently used passwords like qwerty, iloveyou, password, 12345678 and football, each of which is estimated to take less than a second for a hacker to crack.
What can we do to make sure our personal information stays safe? Here are some tips on creating more secure passwords–and remembering them–so you can keep your private data private.
First rule of passwords: don’t share
For password safety, it’s important to keep them to yourself only. When you share a password with someone else, you’re giving away access to any of your accounts that use that password. Maybe you’re sharing it with a person who wouldn’t unknowingly do you harm but who might store your password in an insecure location or where it’s vulnerable to phishing schemes. Or maybe you’re victim to a love scam with a person who is violating your trust to take your money. Or you’re unknowingly giving your password to a scammer posing as a representative of your financial institution.
It’s a good rule of thumb to be suspicious of anyone who asks for your log-in information, and to never give it out.
Never provide personal information in response to a text message or phone call purportedly from The Summit. No credit union employee would ever reach out to you and ask for personal information such as account numbers, usernames, passwords or passcodes.
For more about spotting financial scams, visit our fraud prevention center.
Don’t write them down
We know. Keeping passwords in a notebook or on a slip of paper is fast and easy. But it just isn’t safe. All it takes is for someone to come across your password or list of passwords—at the store, in your desk, or in that wallet you lost–for your security to be severely compromised. Skip the old school pen and paper.
Use a password manager
Instead, use a password manager, which is a utility or app that stores and keeps track of your passwords. With these apps, you only need to remember one password to access the others. Some password managers are free, but the ones available through a paid subscription tend to have more features. Do your research to see which password manager is best for you.
What about letting your internet browser save passwords for you? Although doing this is convenient, it poses additional risks and isn’t recommended. And for that matter, don’t store payment information, whether that’s locally on your device or on retail websites.
Have a program create your passwords… or make them yourself
Password safety can be convenient. Password managers not only can store your passwords but can make them in the first place. Opinions differ on whether computer-generated passwords are better, or whether it’s okay to make the passwords yourself. If you do make your own password, use a passphrase, a string of unrelated words peppered with special characters. Passphrases tend to be easier to remember than a jumble of complicated letters and symbols.
Make your passphrase 12 characters long at least, and include upper case, lower case and special characters. So, instead of Lkjh$%d^7RbL@q, use a phrase like OutletHairPlum and change it around a little, maybe to something like ouTleth%aiRplum. Substituting a numeral for a letter, like “5” for “S” also isn’t recommended, because hackers can decipher these rather easily.
Use a different password for each account
Repeating passwords is a no-no. If a hacker gets ahold of one password and access one of your accounts, why make it easy to get into another account as well?
It’s also recommended to change your passwords frequently. Some people make new passwords the same time they change their clocks in the spring and fall, but for optimal password safety, change passwords every 60-90 days or sooner.
If any of your accounts has an option to use multi-factor authentication, do it. What this means is that after logging in, the account will ask for a code that it sends to your mobile or email. This confirms your identity, and the extra step helps keep hackers out of your accounts. It’s like having an extra bolt lock on your front door.
For more account safety tips, visit our fraud prevention center.
Cynthia Kolko, The Summit Federal Credit Union