Go to main navigation
Password do's and don'ts
« Return to "Extra Credit Union Blog"
Sometimes keeping your financial and personal accounts safe is as simple as a good, solid password. Extra Credit Union’s Technical Support Specialist Darius Broughton, shares a few common sense tips about passwords:
- Create unique password every time. When you are changing a password for an existing account, it should not be the same as the previous password. Also, do not use incremental passwords while changing it. i.e password1, password2 etc.
- Change your passwords for all your accounts once every six months. Since passwords have a fixed length, a brute-force attack to guess the password will always succeed if enough time and processing power was available to the attacker. So, it is always recommended to change the passwords often. Schedule a recurring appointment on your calendar to change your passwords once every six months.
- Never write down your passwords. Creating a very strong password and writing it down on paper is as bad as creating a weak, easy-to remember password and not writing it down anywhere. Several interesting surveys have been done on this subject where it was found that many people write down their password and keep it somewhere next to the computer. Some of them think keeping the note below the mouse pad is secure enough, however, you should never write down the password on paper. If you want to carry your password along with you all times, use a password manager tool that runs from a USB stick and take that with you at all times.
- Don’t share with anyone. Anyone includes your friends and family. You might have heard the phrase “Passwords are like underwear, don’t share with anybody.” We teach our kids several things in life. Teaching them about online safety and not sharing their password with anybody should be one of them.
- Never keep the same password for two different sites. It is very tempting to create one set of passwords for all your emails, another password for all the banking sites, another password for all the social networking sites, etc. Avoid this temptation and keep unique passwords for all your accounts.
- Don’t type your password when someone is looking over your shoulder. This is especially very important if you type slowly and search for the letters in the keyboard and type with one finger, as it is very easy for someone looking over your shoulder to figure out the password.
- Never send your password to anybody in an email. If you follow #3 mentioned above, this should not be an option. But the reason I’m specifically saying about this is because several hackers send emails as a support person and asking for your username and password through email. Legitimate websites or organizations will never ask you for your username and password via email or over the phone.
- Change password immediately when they are compromised. Even if you have the slightest doubt that someone might have stolen your password, change it immediately. Don’t even waste a minute.
- Don’t use the “Remember password” option on the browser without setting the Master Password. Don’t use this feature of the browser to store your username and passwords without enabling the “Master Password” option. If you don’t set Master Password on the Firefox browser, anybody who uses your Firefox browser can see all the passwords that are stored in the Firefox browser in plain text. Also, be very careful with this option and click on “Not Now” in the remember password pop-up when you are using a system that doesn’t belong to you.
- Don’t type your password on a computer that does not belong to you. If possible, don’t use someone else’s computer that you don’t trust to log in to any website, especially to very sensitive websites such as banking. It is a very common practice for hackers to use key loggers that will log all the key strokes on a system, which will capture everything you type, including the password.
« Return to "Extra Credit Union Blog"