We work vigilantly at 1st Source Bank to protect you, our clients, from fraud. It’s a 24 hour a day job. We do everything we can to keep your information and money secure, and we have an excellent record.
You can help protect yourself by developing an effective password strategy for your accounts. If you are like many people and use the same default password for all of them, it’s a bad plan. You may have just one password because it’s easier to remember, but it’s also much easier for hackers to get into your accounts.
Take a moment to think about the value of what your passwords are protecting. They’re what keep outsiders away from your valuable stuff, your identity, your money.
We all have so many passwords these days we often don’t give them a second thought and the value they provide. We need to change that thinking and put more time and effort into protecting ourselves, through our passwords.
Think About It
If you haven’t given much thought to your passwords, now is the time to do so. Creating strong passwords can help prevent casual hacking of your accounts, identity theft, and other significant problems.
According to “WeLiveSecurity,” a respected IT security site that covers the latest news on cyber threats and malware, more than 15 billion account credentials are for sale on cybercrime forums. Your password needs to be strong enough to ensure these criminals do not have a direct entrance into all your accounts.
Creating Strong Passwords
Creating strong passwords is part art, part science, and part strategy. Despite widespread education about the dangers of using “password” as your password, it remains one of the most used (or some variation thereof, such as “Password123” or “Password1!”) passwords today, according to Consumer Reports. Here are some strategies that will help you create more effective and stronger passwords.
- Use phrases rather than single words.
- Generate long passwords.
- Mix letters and numbers together in the body of the password.
- Have more than one capital letter in the password.
- Create a unique password for each account.
- Change your password if it is revealed in a data breach.
- Be savvy about phishing schemes where people may be trying to get your password by sending emails that appear official but are not. Most providers will not ask for your password in an email. Ever.
If you have the option, you should also consider doing something different with your username. Don’t set your username to something obvious, such as a combination of your first and last name. Use something unique to you and try changing a couple of letters to numbers or special characters.
Most of us worry that we won’t remember our passwords and therefore we don’t vary them enough. In fact, we keep them too simple.
I suggest using phrases that are easy to remember and simply changing a letter or two to a number or special character. Short phrases, such as a line from a nursery rhyme or a quote you like, are much more difficult for hackers to figure out, especially if you include a random number or special character within them.
Should I Use a Password Manager?
If you think about all the different accounts, you have that require passwords it makes some sense to consider getting help managing them.
Some people use password managers to help them manage passwords across all their devices without risking repeats or making it easy for hackers to compromise their accounts.
A password manager is an application that allows users to store, generate, and manage their passwords for their various accounts. It can assist in generating more complicated passwords, retrieving them, and storing them in an encrypted database.
These password managers can provide value by allowing you to create a more secure password that may not be intuitive, but the manager gives you a quick way to utilize the password through one source.
However, these password managers can be a gold mine for fraudsters, allowing them to access all your passwords in one spot. With that in mind, I can see why you might want to use a password manager, but recommend you do some research before choosing which one.
I would highly recommend looking at how they protect your information, beyond just firewalls and security software. Some of them use a physical USB stick to verify you, or in the case of Apple IDs, they can require biometric authentication, which cannot be faked through a hacker.
Are Your Passwords Compromised?
If you receive a letter in the mail informing you of a data breach that includes your information, the odds are good that your password is also compromised. What does that mean?
It means every account associated with your email address that uses the same password is also compromised. Therefore, we recommend varying your passwords between different systems and limiting when they are re-used.
Haven’t received one of those notifications, but want to see if you have been compromised. There are programs out there that look out for you, like Firefox Monitor from Mozilla and Password Checkup from Google™.
You can use these tools to see if your email address has been part of a data breach and these services will notify you via email if a known data breach has compromised your accounts.
Along with maintaining strong passwords and regular checks for compromise, there is more you can do to keep your information safe and secure.
One of those options is to use multi-factor or two-factor authentication to add a layer of security to your important accounts.
This type of authentication will require an extra step to verify it’s you when a login happens for the first time on a new device, or possibly every time you log in. This is normally confirmed through either a phone call to you, a text message, or in some instances, a separate app on your phone.
We have multi-factor authentication at 1st Source, and we watch vigilantly for any suspicious activity. When there is a login from a new device, we require you to confirm it’s actually you logging in, by sending a text message or a phone call to your number on file.
This extra step helps us deter those that have your username and password from getting into your online or mobile banking and gives you the control to deny suspicious activity, before it happens. Also, every time you log in to your account, we will tell you the last time someone logged into your account.
If you see a login at weird times of the day or on dates you don’t remember logging in let us know right away! We also have automatic lockouts when usernames and passwords are repeatedly used incorrectly to help prevent and deter hackers from trying to guess your information.
Alternatively, you can use a service like Google™ Authenticator or Microsoft™ Authenticator to verify your identity on your behalf once you have registered a specific device with the service.
The bottom line is that it’s always in your best interest to strengthen your passwords as much as possible, and you shouldn’t wait to do it. It’s one of the simplest ways you can protect yourself from becoming a victim of cybercrime.