Eight Keys to Creating and Managing Your Passwords

In recent years, hackers have developed sophisticated methods using malware such as bots, worms and viruses to infiltrate systems and capture your critical data without you knowing until it is too late. IT staffers at community banks and credit unions around the country defend against these attacks with antivirus software and firewalls.

Despite these efforts, it is likely that the most vulnerable point in the line of defense is you, or more specifically, your passwords. The whole point of passwords is to defend against threats to your valuable and sometimes personal data. Therefore, cyber thieves often attempt to gain entrance into banks and credit unions through targeted attacks on bank employees. That is why it has become so important to understand the keys to creating, managing and securing all of your passwords.

Top 8 Keys to Password Creation and Management

1. Make passwords impersonal.
   Avoid using names and dates such as birthdays, wedding anniversaries, spouse names, kids’ names, grandkids’ names, pet names, etc. These are some of the most popular and overused passwords today making it easy for hackers to figure out. If you are using personal names and dates as your passwords, you are not offering yourself a high level of security.
2. Mix letters, numbers, case and symbols in your passwords. Try multiple words together separated by symbols such as “Run?Jump?Laugh?Fun?” or substitute numbers for specific letter, such as “$+@p135&0ff1c3M@x” instead of “Staples&OfficeMax.” Mixing lower-case and upper-case letters adds another layer of complexity and increases security as well.
3. The longer the password, the better.
   Passwords should contain as many characters as possible. The length of a password is a major key to its security. When allowed, a password should be a minimum of 12 characters. With each additional character added to a password, the likelihood of the password being compromised is decreased by an increasing percentage.
4. Use a formula to create your passwords.
   Be sure the formula isn’t easily identifiable. For example, “MarkJaneLucyBob” has a lot of characters but anyone who sees this knows you are most likely using your family names as your password. “Ma*Ja*Lu*Bo!” is much more secure and not too difficult to remember.
5. Never reuse your passwords.
   Although it is tempting to use the same password in multiple programs or sites, it is not a good idea. If your password is compromised in one place, then you are immediately vulnerable in multiple places.Whenever possible, randomly generate a unique password for each program or site you use.
6. Change your passwords on a regular basis.
   This key becomes more important if you are not following the previous keys regarding personalization and complexity. A complicated, lengthy, randomly generated password that is not reused on other sites might be acceptable to use for an extended period of time. Conversely, a short, simple password including personal names and dates, that are reused on multiple sights should be changed much more regularly.
7. Use a password management program.
   While these tools have their own security issue as they are the key to all your passwords, they are really the only practical way to manage all of your user names and passwords. A heavy internet and social media user can easily have 50 passwords or more while even a novice user most likely has as many as 15 passwords. These cannot be maintained long term without help. Smart phone apps offer various password management options and the app store will provide ratings and reviews from other users. Respected industry resources, such as CNET or PC Magazine will also provide trustworthy list of options.
8. Test the strength of your passwords.
   There are some excellent free tools available for you to test the strength and vulnerability of the passwords you create. One option that provides you with a score is The Password Meter. It gives users a percentage score and complexity rating. Another one, called “How Secure is my Password?” informs you how long it would take for your password to be cracked.

With the amount of valuable, personal data in need of protection it is important to create and maintain secure passwords as part of your overall data security strategy. As part of our Security service offerings, Safe Systems provides system hardening, system monitoring and validation. We also offer DNS Protect, which defends against internet-based threats on all servers, workstations and laptops on your network.

Dispelling 5 IT Outsourcing Myths within Financial Institutions

Learn why five of the most commonly believed “facts” about IT outsourcing within community financial institutions are actually myths.