Passwords are commonly sought after by cyber criminals, making it more important than ever to protect your password and login information from being hacked.
So, what should you do?
Start by creating a secure password that makes sense to you, but not to others. There are a variety of common techniques used to crack passwords and most people don’t realize that accounts become vulnerable due to the use of simple and widely used passwords.
Cyber criminals use password cracking programs like “John the Ripper” or similar, which automatically plug common words into password fields. This is why experts recommend avoiding consecutive keyboard combinations—such as “qwerty” or “asdfgh”, dictionary words, slang terms, common misspellings, or words spelled backwards.
Simple passwords are more easily hacked as well. The latest advice is to use a “pass phrase” rather than a password. A “pass phrase” will be relatively long, approximately 20 characters or more, and consist of seemingly random words strung together along with numbers, symbols and upper and lowercase letters. It is best to think of something you can remember, but others couldn’t guess.
If a “pass phrase” isn’t your thing, make sure your password is long, the longer the better, at least 12 characters or more. Longer passwords make it more difficult for thieves to crack.
Including numbers, capital letters and symbols are always important to making a password more secure. Consider using a $ instead of an S or a 1 instead of an L, or including an & or % – but note that $1ngle is NOT a good password. Password thieves are onto this. But Mf$J1ravng (short for “My friend Sam Jones is really a very nice guy) is an excellent password.
Rather than posting your password where everyone can see, say on a sticky note near your computer or in a notebook labeled “Passwords”, consider using a password manager. Some help generate secure passwords for each of your sites, but you only have to remember one password, the one for the password manager.
When available, consider implementing multi-factor authentication. This protection requires the user to further authenticate themselves by entering a code that is sent via text message or voice message to a phone number on file. Typically, this is only required when you access an account from an unrecognized device.
Most importantly, don’t share your passwords with anyone. No one from AllCom Credit Union will ever reach out asking for your password either through phone, mail or email.
Remember these tips to keep your passwords safe and happy browsing.
Continue to look for our next round of banking safety tips coming soon.