Do Your Financial Risks Change Over Time?

There are so many passwords that people need to remember these days. You have your online passwords, your wi-fi passwords, the passwords you use at work, and more. It can be enough to drive you crazy. By the time you think of yet another original password, you have forgotten the last one. It can be a little easier, however, if you follow the following Dos and Don’ts. DON’T use a password that is easy to guess. That means no password 123 or admin 2018. Don’t use something anyone could figure out, like your birthday, dog’s name, or your address. DO choose a password that only you could figure out, such as the embarrassing moment you never told anyone about or the name of the fish you overfed as a child.

DON’T share your password. Unless it is an account that you and your spouse share, there is no reason to give your account information to someone else. Remind your kids of this too. Many kids give their passwords to friends, which can lead to trouble down the line.

DO make sure your password has a combination of uppercase letters, lowercase letters, numbers, and special characters. Each website will have their own rules about what is required. Make sure it is at least six characters long, too, because length can contribute to the security of the password. For example, sTE”vE218 is a lot harder to crack then STEVE218. The trickier you can be the better.

DO use underscores or spaces. If the system will allow you to, this is a great choice. Not many people who are trying to guess a password will consider spaces or underscores. Trying to decide where you inserted them is even harder.

DON’T use the same password for multiple accounts. If someone is trying to steal your information and they figure out one password, you don’t want them to have the keys to your kingdom. It is much smarter to have a different password for each site to protect your assets.

DON’T make your password so difficult that you cannot remember it. If you notice a spider outside the window as you set your new work password and you make your password SPIDER875, there is a good chance that you will not remember it the next day. While the password has to be hard for other people to guess, it should be easy for you to remember.

DO have a password to protect your passwords. If you have all of your passwords saved to your computer and you are the only one that uses your computer, you can add a second layer of protection. Choose the option to have a password on your laptop. Then you can allow Google to save your passwords for each site you visit, but no one can access them because your laptop itself is password protected.

The opinions voiced in this material are for general information only and are not intended to provide specific advice or recommendations for any individual.

Weak passwords can compromise the best security tools and controls. With a never-ending list of applications and services that users and consumers access, people may have dozens of passwords to maintain at any given time. Often, the temptation to use familiar terms such as pet names, favorite teams or the names of children or friends can cause risk since much of those details can be discovered by a simple examination of social media.

Creating strong passwords offers greater security for minimal effort. Weak passwords can compromise the best security tools and controls. With a never-ending list of applications and services that users and consumers access, people may have dozens of passwords to maintain at any given time. Often, the temptation to use familiar terms such as pet names, favorite teams or the names of children or friends can
cause risk since much of those details can be discovered by a simple examination of social media.

Under Lock and Key
You can buy a small padlock for less than a dollar—but you should not count on it to protect anything of value. A thief could probably pick a cheap lock without much effort, or simply break it. And yet, many people use similarly flimsy passwords to “lock up” their most valuable assets, including money and confidential information. Fortunately, everyone can learn how to make and manage stronger passwords. It is an easy way to strengthen security both at work and at home.

What Makes a Password ‘Strong’?
Let’s say you need to create a new password that’s at least 12 characters long, and includes numerals, symbols, and upper- and lowercase letters. You think of a word you can remember, capitalize the first
letter, add a digit, and end with an exclamation point. The result: Strawberry1!

Unfortunately, hackers have sophisticated password-breaking tools that can easily defeat passwords based on dictionary words (like “strawberry”) and common patterns, such as capitalizing the first letter.
Increasing a password’s complexity, randomness, and length can make it more resistant to hackers’ tools. For example, an eight-character password could be guessed by an attacker in less than a day, but a 12-character password would take two weeks. A 20-character password would take 21 centuries. You can learn more about creating strong passwords in your organization’s security awareness training. Your organization may also have guidelines or a password policy in place.

Why Uniqueness Matters
Many people reuse passwords across multiple accounts, and attackers take advantage of this risky behavior. If an attacker obtains one password—even a strong one—they can often use it to access other valuable accounts.

Here is a real-life example: Ten years ago, Alice joined an online gardening forum. She also created an online payment account and used the same password. She soon forgot about the gardening forum, but someone accessed her payments account years later and stole a large sum of money.

Alice did not realize the gardening forum had been hacked, and that users’ login credentials had been
leaked online. An attacker probably tried reusing Alice’s leaked password on popular sites—and
eventually got lucky.

Guarding Your Passwords & PINS. Passwords and PINS protect sensitive data and it's critical to keep them safe. Try these best practices to stay protected.

1. Do not write them down – Many make the mistake of writing passwords on post-it notes and
leaving them in plain sight. Even if you hide your password, someone could still find it. Similarly, do
not store your login information in a file on your computer, even if you encrypt that file.
2. Do not share passwords – You cannot be sure someone else will keep your credentials safe. At
work, you could be held responsible for anything that happens when someone is logged in as you.
3. Do not save login details in your browser – Some browsers store this information in unsafe
ways, and another person could access your accounts if they get your device.
4. Use a password manager – These tools can securely store and manage your passwords and
generate strong new passwords. Some can also alert you if a password may have been
compromised.
5. Never reuse passwords – Create a unique, strong password for each account or device. This
way, a single hacked account does not endanger other accounts.
6. Create complex, long passwords – Passwords based on dictionary words, pets’ names, or other
personal information can be guessed by attackers.