Post

  • Printer Friendly
  • Send to a Friend
  • Resize Small
  • Resize Medium
  • Resize Large
Home News Password Protection: Best Practices for Cybersecurity

Password Protection: Best Practices for Cybersecurity

Posted on | Categories: Cyber Security, Financial Education

Password Protection: Best Practices for Cybersecurity

In the digital era we’re living in, passwords are the gateways to our entire lives. You log into your phone, bank account, email, shopping carts and sometimes even your healthcare provider’s mobile app all using passwords. Any cybercriminal that has just one of those passwords has the potential to steal your identity and your money. While we don’t mean to scare you, we do want to protect you! Keep reading for password protection best practices that will protect you and your bank account.  

 

Create Easy to Remember and Hard to Crack Passwords  

Creating passwords that you’re going to remember is easy, but that often means you’re creating a password that’s easy to hack. Avoid using generic passwords that include things like seasons, years, your birthday, your name, etc. Here are a few examples of what NOT to use:  

  • Summer2021
  • Taylor1989
  • TaylorSwift

A better way to go about creating passwords is to use a phrase that you’re going to remember. Maybe it’s something your grandma always used to say or it’s a line from your favorite song. Even better, add special characters to make the password stronger. Phrases that are personal to you are much harder, if not nearly impossible, to hack. Here are a few examples.  

  • OopsIDidItAgain
  • 00ps1D1d1tAga1n
  • shelookssoperfect
  • sh3l00kss0p3rfect

Please note: you should NOT use the examples above as your real passwords because they’re now on the internet for everyone to see and that makes it really easy for a cybercriminal to guess your password.

 

Never Use the Same Password Twice  

There’s a caveat to having a password that’s nearly impossible to crack. If you use a password more than once, you instantly weaken your security. Cybercriminals are always on the prowl looking to gather passwords from a large database, and if your only password is leaked in a data breach, they now have access to all of your accounts. It’s best to use a different password for every account, and passwords should vary by more than one letter or symbol. 

 

We understand that your entire lives are probably online at this point between utilities, mortgage payments, getting groceries online, etc. So, it’s not practical to remember every single password you create, and it’s not safe to write them down on a piece of paper or smart phone note for anyone to see. Instead, you can use password managers like LastPass. You just need to remember one password to log into LastPass and it will store all of your other passwords! Bonus, the subscriptions range from $0 to $4/month for single uses and families, so it’s very affordable!  

 

Change Your Passwords Often  

This is another great reason to use a password manager. It can be difficult to know if your account was hacked or password was leaked until it’s too late. Changing your password often is a preventative measure to keep your information secure. Three to six months is a good frequency for updating your passwords.  

 

As we mentioned, to help keep track of everything, you can always use a password manager to store and update passwords. You can make it even easier on yourself by setting up recurring reminders to tell you to update passwords every three to six months!  

 

Use Multi-Factor Authentication for Everything  

Multi-factor Authentication (MFA) is when you have more than one way to verify your identity when logging into an account. Many software systems and platforms allow MFA, so if it’s available, we recommend you set this up or enable it!  

 

Your password is always the first way to verify your identity and your additional way(s) can include a phone call, text message or email. Each time you log in, you should receive a notification in any of those three ways as the second way to verify your identity.   

 

When you utilize MFA, you’ll know when a cybercriminal is trying to get into your account if you receive a notification and you haven’t logged into anything. If this happens, do these three things:  

  1. Reject the login attempt.
  2. Change your password.
  3. Notify the system or platform you’re using that your password was leaked or compromised so they’re able to monitor the incident.

We hope you’re able to use these tips as soon as possible to protect your personal and financial information! If you have any more questions about cybersecurity best practices, please reach out to our team.