To continue enjoying all the features of Navy Federal Online, please use a compatible browser. You can confirm your browser capability here.

Bottom Line Up Front

  • A strong password is your best defense against bad actors. Make it complex and unique!
  • If a site or service offers it, always use two-factor authentication to secure your account.
  • Never click unfamiliar links or unexpected emails. Always contact the company directly.

Time to Read

4 minutes

July 24, 2022

More and more parts of our lives are going digital. Working, banking, connecting with others and even buying meals and groceries are all easily done through mobile apps and online. So, how can we make sure we’re doing it safely? Follow these simple steps to get started:

Update Your Web Browser, Operating System and Security Software

Keeping your mobile operating system, web browser, and security software up to date is more important than you may realize. Updates are frequently released to address security weaknesses that could leave your device and personal information at risk. Check to see if you have an “auto-update” feature and, if so, enable it to ensure you always have the most up-to-date version.

Create Strong Passwords

We’ve all heard that a strong password is one of the best ways to defend against cybercriminals. Here are some suggestions for how to make one that’s harder to crack.

  • Make it long. Use at least 8 characters, but the longer, the better.
  • Make it random. Use a combination of numbers, letters (capitalized and lowercase) and special characters (e.g., # $ % ? @ / ! ;). If you’re concerned you may not remember your password, think of a sentence and just use the first letters of each word. For example, “We love to take walks along the river at night” could be “#Wl2tw@tR@N.”
  • Don’t use anything personal. Don’t create a password with personal information like a pet’s name or your address, phone number or birthday.
  • Don’t use real words. Avoid using common dictionary words. Instead, consider creating a passphrase, where you replace some of the letters with numbers or special characters to make it more secure. So, “I have 2 birds.” could become “Ih@v32b1Rdz!” 

Make sure you change your passwords frequently and don’t use old ones or the same password for multiple websites or accounts. Many people use a password manager like 1Password, LastPass or Dashlane to keep track of their passwords and help them use a unique one for each site/app.  

Use 2-Factor Authentication

If the website or app offers it, enabling 2-factor authentication is an additional layer of security. Once you’ve enabled it, each time you sign in, you’ll receive a one-time code via text message, which you’ll enter when prompted, as an additional verification of your identity. It’s especially important for financial and banking sites and for email, as that’s the most common method used to reset passwords or recover identities.

Beware of Phishing Attempts

Even though it’s an old method, scammers are still using email and social media to try to trick people into sharing personal and banking information. One favorite ploy is sending a message that appears to be from an online retailer, insurance company or even your financial institution. Emails often say something like “Your account has been locked.” If it also includes a link to reset your password to unlock your account, you should be suspicious. So, what should you do?

  1. Don’t click on a password reset link in an unexpected email. Scammers use words like “Your account has been locked” because they’re hoping your shock or surprise will make you click. And, they’ll often set up fake, look-alike sites to capture what they call your “previous” username and password. 
  2. Instead, contact the company directly. You can find their phone number on their website (or if it’s your credit card or insurance company, on your card). Use that number to call them. Don’t call the phone number in the email. If you want to reset your password or sign in to your account, go directly to the company’s website vs. clicking on embedded links.

Consider Biometric Authentication

Although “biometric authentication” sounds complicated, it’s really just using things like fingerprints or facial recognition to access your devices and apps. Regardless of the device you’re using, if you have an option for biometric authentication, you should seriously consider it, because securing your device against unauthorized users means more security for your online accounts. And, it makes launching apps that require a sign in faster and more secure. The benefits are that you don’t need to remember a password or worry about mistyping it, and a biometric sign in is much harder to impersonate.

Navy Federal Is Here to Help

Keep in mind, companies won’t send you emails with links to reset your password, unless you’ve requested it. If you receive a suspicious message that appears to be from Navy Federal, tell us about it. Forward emails to, and for phone calls, texts or social media messages, tell us the date, time, where it originated and what was requested. 

If you’ve already supplied personal information to someone you suspect is posing as Navy Federal, you can call us 24/7 at 1-888-842-6328, or if you’re living abroad, you can call us collect at 703-255-8837.

Check Before You Buy

If you’re buying online, you want to make sure you’re paying through a secure site that will encrypt your personal information. How can you tell? The URL will begin with “https”, or you’ll see a padlock icon to the left of the URL. If you’ve used a device that isn’t yours, make sure to clear your browser history and cache when you’re done to prevent others from accessing your accounts by revisiting your browsing history. 

Keeping Your Accounts Secure

Ultimately, your goal is to keep your personal information and financial accounts secure. Navy Federal offers our members a variety of security notifications and other security features—which you can set up in just seconds. You can learn more on our Digital Security page.

Key Takeaways Key Takeaways


This content is intended to provide general information and shouldn't be considered legal, tax or financial advice. It's always a good idea to consult a tax or financial advisor for specific information on how certain laws apply to your situation and about your individual financial situation.