How Strong Passwords Can Help Protect Your Accounts

Scammer and hacker attacks continue to have damaging effects on consumers and businesses. One thing that’s clear is that gaining access to passwords is still a top cause of security breaches. The good news is that having a strong password can be the first step in outsmarting the bad guys and minimizing risk. The even better news? There are several ways you can increase the security of your life online.

Create a Unique Username and Password for Each Account

Most of us have accounts on multiple websites—for both business and personal needs—which makes it challenging to remember the username and password for each one. While some people think the solution is to use the same password for all their accounts, that’s unwise. We can’t stress this enough—it’s important to have a different username and password for each and every account you have. Why? One reason noted by Norton security advisors is that by using the same password for all your accounts, you leave all accounts open to risk if even one gets breached.

Check Your Passwords’ Strength

Many websites will measure the strength of your password at the time you create it. If the site you’re using doesn’t do that, there are plenty of online password strength-checkers and random password generators you can use to help you build a strong password.

Increase Your Current Passwords’ Strength

If you determine your current passwords aren’t strong enough, it’s simple enough to change them. Here are some tips for increasing password strength:

Username

• Create a username between 6 and 32 characters.
• Include at least 1 letter and 1 number.
• Don’t use part of your email address, Social Security Number, birthday, or account or access numbers.

Password

• Create a password between 8 and 32 characters.
• Include at least 1 number, 1 letter, 1 capital letter and 1 special character (e.g., %, &, #).
• Consider using a mnemonic sentence—the longer, the better. For example, “My loving but crazy friend Kate has over 12 cats.” could become “MlbcfKho12c.” It looks random, but it’s easier to remember. Then, for added security, replace some letters with numbers or special characters (e.g., M1bcfKh012c!).

Don’t Use Any of These in Your Password:

• Part of your email address
• Social Security Number
• Birthday
• Pet name
• Family names
• Account or access numbers
• Dictionary words (Lots of people still use “password.” It’s the easiest to hack.)

Keep in mind that longer usernames and passwords are far more difficult to crack.

2-Factor Authentication Is the Minimum

More and more apps and sites, including Navy Federal Credit Union’s, offer 2-factor authentication (2FA). 2FA blends exactly 2 separate layers of protection and security by double-checking your identity before giving access to your account. Most often, 2FA will require a user ID and password plus one other form of identification, such as a unique code sent by text.

Password Managers Offer the Best Password Protection

A Password Manager is a software application for storing and managing login credentials and generating strong passwords. The Password Manager stores these details securely for you in an encrypted database, locked behind a master password.

Your master password is then the only one you have to memorize. Entering your master password allows you to gain access to all your stored passwords to use as needed.

Now, it’s important to note that browser-based Password Managers such as Chrome, Firefox, Internet Explorer and others aren’t ideal. They store passwords on your computer in an unencrypted form and can be accessed by others.

The best option is to store the database of passwords on your hard drive. There are a variety of these kinds of Password Managers available, and each has its own pros and cons. Before you decide which option is best for you, compare features, benefits and cost of major hard drive Password Managers.

Safeguard Your Passwords

One final and very important point regarding strong passwords and security:

Never share your password or 2FA code. Believe it or not, some people do share their passwords, either on purpose or accidentally. In fact, a survey of IT and security managers conducted by Enterprise Management Associates (EMA) revealed that nearly a third of respondents said they experienced a breach because users shared credentials with an unauthorized person. Another 28% said they had a breach when users shared information in a phishing attack.

Be aware—fraudsters have begun trying to trick people into giving out 2FA codes by impersonating their financial institutions. Never give the code to someone who calls and asks you for it.

More Security Essentials

If you’re interested in learning more security essentials, visit our Navy Federal Credit Union Security Center for articles, tips and resources.