Protect Your Passwords!
Passwords are a very important part of a secure system. Most
security breaches are made by intruders gaining access to
passwords. The following is a list of preventative measures
to take when creating passwords.
- Use “Strong” Passwords. A
strong password is one that is at least eight characters,
includes a combination of letters, numbers, and symbols
and is easy for you to remember, but difficult for others
to guess. Create strong passwords that you can remember.
You could come up with a completely random combination
of numbers and symbols, but that's not very practical.
How would you remember it? Chances are you'd write it down
and keep it in the top drawer of your desk and then it's
no longer such a great password after all.
- Create a strong passphrase. The easiest way to create
a strong password that you won't have to write down is
to come up with a passphrase. A passphrase is a sentence
that you can remember, like "My son Aiden is three
years older than my daughter Anna." You can make a
pretty strong password by using the first letter of each
word of the sentence. For example, msaityotmda. However,
you can make this password even stronger by using a combination
of upper and lowercase letters, numbers, and special characters
that look like letters. For example, using the same memorable
sentence and a few tricks, your password is now M$8ni3y0tmd@.
If you still think that's too hard to remember, you could
try a more common phrase, such as "You can't teach
an old dog new tricks." If you're using a common phrase,
make sure to inject at least one number or symbol into
the password, such as U(t@0DnT.
- Avoid using family member names alone. If someone
has access to your personal information, these are the
first passwords that they will try. Names combined with
other words are OK. Examples - MaryXYZ, 1234Steve.
- Think of something that is unique, but something
that you will remember. Example - HEYYOUGTP = Hey You,
Guess This Password.
- The longer, the better. Longer passwords are more
difficult to guess or break. Typed passwords are usually
between 3 and 12 characters long.
- Change passwords every couple of months. We don't
want to give an eternity for someone to guess your password.
- Commit the password to memory. Do not write it
down (this defeats the purpose). Even if you forget, it
shouldn't be too difficult to give you another.
Some of the following intruder methods are rare, but have
happened. We don't want ourselves or you to be one of those
rare cases! By informing you of these possibilities, we hope
to provide you with a safer security system, help you to recognize
possible dangers, and let you know what we are trying to prevent.
- Avoid using dictionary words alone. Some passwords
have been broken through dictionary comparison. In this
method, an intruder copies the encryption routines and
the user passwords. A program then feeds an entire dictionary
through the same encryption routines that the passwords
were encrypted with. The encrypted dictionary words are
then compared to the passwords. If any match, the intruder
has identified a password without even breaking the encryption
algorithm.
- Be wary of unusual changes in the password Sign On
screens. A Trojan Horse is a program, placed onto
the system by an intruder, which acts like a Sign On screen,
but instead of verifying passwords, it copies them into
a file. The intruder comes back later and anyone who signed
on during that time has his password stolen.
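The dictionary comparison described above can also be run defensively, as an audit of your own password store, alongside a check of the strong-password rules from this page. This is an added example, not part of the original page; the unsalted SHA-256 routine, the word list, the names and the accounts are constructed assumptions.

```python
import hashlib

# Constructed sample data (not from the page): a tiny word list and family names.
WORDLIST = ["password", "sunshine", "dragon", "baseball", "monkey"]
FAMILY_NAMES = ["mary", "steve"]


def routine(password):
    """Stand-in for the system's password routine (unsalted SHA-256 is an assumption)."""
    return hashlib.sha256(password.encode("utf-8")).hexdigest()


# Constructed account table: what the system stores for each user.
STORED = {
    "alice": routine("sunshine"),
    "bob": routine("M$8ni3y0tmd@"),
    "carol": routine("dragon"),
}


def audit(stored, words):
    """Return {user: word} for accounts whose stored value matches a dictionary word."""
    # The routine is never broken: equal inputs simply produce equal outputs.
    lookup = {routine(word): word for word in words}
    return {user: lookup[value] for user, value in stored.items() if value in lookup}


def check_password(password, words=WORDLIST, names=FAMILY_NAMES):
    """Return the page's rules that a candidate password breaks (empty list = passes)."""
    problems = []
    if len(password) < 8:
        problems.append("shorter than eight characters")
    if not any(c.isalpha() for c in password):
        problems.append("no letters")
    if not any(c.isdigit() for c in password):
        problems.append("no numbers")
    if not any(not c.isalnum() for c in password):
        problems.append("no symbols")
    if password.lower() in (w.lower() for w in words):
        problems.append("dictionary word alone")
    if password.lower() in (n.lower() for n in names):
        problems.append("family member name alone")
    return problems


if __name__ == "__main__":
    print(audit(STORED, WORDLIST))
    for candidate in ("sunshine", "Mary", "M$8ni3y0tmd@", "U(t@0DnT"):
        print(candidate, check_password(candidate))
```

The audit flags the two accounts that use a dictionary word alone, while both example passwords from this page pass every rule.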
Remember, no security measure will help much if the
system thinks someone else is YOU. Please keep those passwords
in a safe place.
Protect Yourself From Online Fraud!
Do not trust or act upon unsolicited emails that
request personal information such as passwords, credit
card numbers, ATM PINs, social security numbers, etc.
- Fraudulent emails are typically not personalized with
financial institution information.
- Fraudulent emails often present end users with scenarios
of negative consequences if they do not act immediately
on the email’s instructions.
- Fraudulent email messages often contain flawed English.
Do not fill out forms contained in email messages
requesting sensitive information.
- Personal information should be provided
by calling your financial institution directly or by logging
onto their secure web site by typing the URL (web address)
into your browser.
- Type your financial institution’s
URL (web address) into your browser and bookmark it. Use
the bookmark derived from hand-typing the address for all
subsequent visits to your financial institution’s
website.
Keep your web browser patches up to date.
- Regularly access your browser’s website
to download security patches. Patching your browser regularly
will protect you against a variety of software vulnerabilities.
Regularly log in to your online accounts. If you
see anything unusual, report it immediately to your financial
institution.
- Pay close attention to your bank, credit
card and debit card statements. If you see anything suspicious,
immediately contact your financial institution and the
card issuer.