The Use of Passwords
Passwords are the most common way to prove your identity when using websites, email accounts or your computer. Having strong passwords is essential in order to protect you, and your identity. The best security in the world is useless if a malicious person has a legitimate username and password.
Risks of Using Weak Passwords:
Having a weak password can allow criminals to guess or break your password easily. If a person gets a hold of your password they can impersonate you to commit fraud and other crimes including:
- Accessing your bank accounts.
- Accessing private information held on your computer or network.
- Wreaking havoc on your computer or network.
- Making online purchases with your money.
- Sending emails in your name.
- Impersonating you on social networking and dating sites.
Tips for Creating Effective Passwords
In combination with your user ID’s, your online password is like the lock on your front door, as it provides first-level defense against unauthorized access. Choosing a weak password is like buying a cheap lock to protect your valuables. Following are guidelines for creating a strong password:
AVOID THESE PASSWORD PITFALLS:
1. Do not choose passwords or security codes that can be easily guessed by others. For example:
- Do not use personal contact information like addresses or phone numbers.
- Do not use personal information like your name, birthday, Social Security Numbers, passport numbers, graduation date, or names and information for family members or even pets.
- Do not use favorite sports teams.
- Do not use dictionary words.
2. Do not use sequences of repeating characters, like “1234567” or “abcdefg”, or duplicated numbers, like 1111 or easily recognizable patterns such as 14789 or 2580.
3. Do not use your username for example, Username22.
4. Avoid using only look-alike substitutions of numbers or symbols. Passwords like “P@ssw0rd” are easily guessable by criminals, but can be effective when combined with changes in case, length, and misspellings.
With the use of a little social engineering the criminal will be able to get this type of information and will be the first information the criminal will try.
RECOMMENDED PASSWORD PRACTICES AND MAINTENANCE:
1. Create unique, original passwords using a combination of numbers, letters (upper and lower case) and special characters. Example: 5UP3RM@N a variation of Superman.
2. Use longer passwords at least eight (8) characters in length, as long as you can remember them. The longer the passwords are the harder it is for the criminals to guess what it is or break it.
3. Choose a password that is meaningful so you can easily commit it to memory.
4. Avoid using software or toolbars that store your password.
5. Never disclose your passwords to anyone for whatever reason. If you think someone may know your password, change it immediately.
6. Don’t enter your password when others can see what you are typing.
7. Change passwords regularly every 45-60 days.
8. Use different passwords for different websites. If you only have one password, criminals only have to break one to gain access to everything.
9. If you have to write passwords down to remember them, make sure they are meaningless and unusable by other people by writing them in code, simply substitute the characters in your password with others so you can remember or easily work them out.
10. Do not send your password by email. No reputable firm will ever ask you for your password by email.
Links to third-party tools and sites are neither endorsed nor guaranteed by our bank and are provided only for your information and convenience.
Microsoft Password Strength Checker: https://www.microsoft.com/security/pc-security/password-checker.aspx
Additional Password Strength Information: http://www.microsoft.com/security/pc-security/protect-passwords.aspx