Blog

Strong Passwords to Fight Fraud

Written by Alex Resetar | Sep 23, 2021 12:15:53 AM

Making smart choices when you create a password

Passwords are something that we need in almost every aspect of our lives now.  From placing an online order, checking your child’s grades to your finances, passwords are a major part of our lives.  Making sure that those passwords are strong and secure is the first step in fighting any potential fraud.  We asked Ryan Strauser, Senior Security Administrator in our IT department, for some advice on password security and here is what he has to share! 

Why do you need to use a strong password?

A strong password is the best way to protect your confidential data by making it harder for a human or computer to guess what your password may be.  The industry standard definition for a strong password would be at least 8 characters long and a mixture of letters, numbers and special characters.  Try to avoid using things such as a family pet or birthday of a loved one and pick something you wouldn’t typically relate to yourself.  The longer the password the better!

Why should you use a different password for everything?

Oftentimes when your personal demographic data is taken, a hacker will store this information for use at a later time.  A good example was in 2016 when yahoo announced that 100% of users on yahoo had their accounts hacked, and personal information taken.  This means that if you had a yahoo account your username and password was compromised.  If you used this same username and password for your online banking login, a hacker might store this data and attempt to access your account at a later time, after you had forgotten about the initial breach.  Having a different password would protect you because all of your systems would be individually secured.

 

Is there a way to store my passwords safely? 

Remembering strong passwords can be a challenge, especially when you have separate passwords for separate systems containing confidential information.  There are a few ways I could advise handling this.  Most smart phones offer secure password apps, with Apple IPhone offering a built-in service called iCloud Keychain.  You can access this in your phone’s settings menu and use this to store secure passwords.   Be sure to turn on biometric (retina or face scanning) to unlock your phone and set an automatic time of 10-15 minutes for your phone to lock when not attended.  You can also download an app from the market on both iOS or android which are great at handling storing passwords.  Some examples are LastPass, NordPass, Enpass and Password Safe.

 

What should I do if my password gets compromised? 

If your password gets compromised, don’t panic but be prompt in your actions.  Typically, you will get notified via e-mail if a new device has logged into your account.  If you receive a message like this or you were contacted and it was not you who logged in, make sure to change your password to a different strong password as quickly as possible.  Additionally, change your password on any other systems which share the same username and password.  If available, request two factor authentication be enabled on these systems going forwards, so that a would-be hacker would need a special token which can be sent to you through text message in order to complete the login process. 

As always, if you have any questions, don’t hesitate to reach out, we’re here to help!