Having a strong password for online accounts is the first line of defense for keeping your personal information safe from intruders and hackers.
Here are some tips for creating a strong password:
Keep your passwords private-Never share your password with anyone. Do not share it with friends, even if they are really good friends. If you are a parent, it is okay to ask your children for their passwords, but make sure they understand this is a rare exception to the rule. As a parent, we understand your concern for your child’s internet safety, but keep in mind respect for their privacy. This is a great lesson in responsibility and trust!
Don’t just use one password for all logins- Use a variety of passwords for your logins. If a site where you use your password is attacked by a hacker, it is possible that they could use it to break into your accounts on other sites.
Make the password at least 8-15 characters long- The longer the password, the better! Longer passwords are harder to crack.
Use a combination of numbers, capital and lower case letters, and symbols- Consider using an “@” for the letter A, or ! for the letter I- but please be aware that “H@ppyB!rthd@y” is NOT a strong password. Password thieves and hackers are already onto this trend and can easily crack that type of password. A combination of upper case and lower case letters and symbols, used at random, will help create a strong password.
Avoid using personal dates and names- Avoid using people or pet’s names, especially if they are easily found via your social media accounts. It is also good practice to avoid using key dates like birthdays, anniversaries, etc. If a hacker is trying to steal important information, you can be assured they have probably already done some digging about you through Google searches and social media pages.
Don’t post it in plain sight- It is best practice to NEVER WRITE DOWN YOUR PASSWORDS. If you must write it down, hide the note somewhere where no one can find it.
How to create a strong, complex password:
Security and IT experts are now recommending the use of a “pass phrase” as an increased measure of protection. It should be a phrase or sentence with at least eight words. It could be a quote from your favorite movie, line from a poem, song lyric, or line from a book. Example: “Toto, I’ve a feeling we’re not in Kansas anymore” from the 1939 Film, “The Wizard of Oz.” Let’s create a passphrase from this quote:
- Remove all but the first letter of each word in your phrase: TIAFWNIKA
- Replace some of the upper case letters with lower case letters: TiAfwNIkA
- Now, substitute a number for at least one of the letters: T1AfwNIkA
(Here, we replaced the “I” that stood for “I’ve” in the quote with the number 1)
- Finally, use special characters ($, &, +, !, @) to replace a letter or two. You can also add an extra character to the mix for additional security: T1@fwN!k@
Check the strength of your password:
There are plenty of online tools that you can use to help test the strength of your password. It doesn’t guarantee an unbreakable password, but it is always good to double check! If your password isn’t strong enough add some more numbers, letters, or characters at the end. We tested our example above and it was weak, but after adding the following we were able to strengthen it!
T1@fwN!k@W- medium strength
T1@fwN!k@W00!- strong strength
Do your research and find a site to test your password strength.
Password management software:
There are many programs and web services available to help you manage your passwords. Some are even free. These programs create very strong passwords for each of your sites, while you only have to remember one password to access the program or secure site that stores the passwords for you. It is still recommended to have a very strong password for your password manager in order to avoid hackers from breaking in and gaining access to all of your accounts and information.
Other good practices:
Think before you click- If you receive a suspicious email, DO NOT CLICK any links! Always remain skeptical of any email including links. By clicking on these links, you could put yourself or organization at risk of an attack. If there is a link, always check the link by manually typing it into the browser window at the top of the page.
Look out for the following red flags in emails:
- Incorrect spelling and bad grammar
- Sense of urgency or threatening language
- Strange or misspelled email address
- Asking for personal information
- Asking you to change your password
Make sure your devices are secure- Securing devices doesn’t just stop at software programs installed on your devices. You need to be a human firewall! Keep your workspaces - physically and digitally - at home or the office clean and organized. Be cautious of someone looking over your shoulder while you are typing on a device in public. Always be sure to log out of any accounts when using a non-personal device and exit out of any web browsers and email when leaving devices unattended. For added protection, add a password or passcode to un-lock devices in order to use them.
You can never be too safe when it comes to your personal information. As a reminder, here at ēCO, we will never send an email asking for your personal information or account number. If you have questions or concerns regarding your accounts, ēCO has a secure messaging option available through ēCO Virtual Branch that we urge you to utilize for these questions. Learn more about our mobile and online banking options HERE!