We offer the following advice to help you to pick strong passwords and to protect your passwords.
Are Your Passwords Strong Enough?
Do you have a "strong" password? If you're not sure, ask yourself these questions:
- Is your password something simple like "password" or "default"?
- Is it the same as your name (or portion of it) or User ID?
- Does it consist of a "real" word that can be found in a dictionary?
- Is it a sequence of numbers like "123456"?
If you answered "yes" to any of the above questions, you have a "weak" password, and need to take immediate actions to strengthen it.
Hints for strong passwords
One of the best ways to protect your privacy is to make sure you are using strong passwords. Here are some helpful hints:
- Make sure your passwords are at least 6 characters long – longer if possible.
- Use a mix of letters, numbers, upper/lower case and special characters (if permitted).
- Don't use your name, User ID, or easily guessed values (like "password", "pw," or "default").
- Don't use any words found in a dictionary (like the months of the year followed by a single number), or any sequence of just numbers.
- Don't use keys that are simply adjacent on the keyboard (like ASDFGH).
However, some patterns on the keyboard (like q2w3e4r5t6) can give you a strong password that is still easy to remember. In fact, you could use the same pattern the next time that you change your password. For example, by changing the starting character from q to w, you still have a strong, totally unique, and easy-to-remember password.
So, how can you follow these rules and still have a password that you can remember? One trick is to use the "keyboard pattern aid" noted earlier. Another is to think up a phrase that you can remember and then use the first letter of each word in that phrase (try throwing in a number too if possible). For example, "Golf is fun for me to play" works out to "Gif4m2p." Let your imagination run wild and you can probably come up with all kinds of ideas for good, strong, passwords.
This advice to members is provided by CUNA Mutual Insurance Company.
Protecting Your Passwords
Do not write your passwords down. To help remember the password, use it immediately. Then log in and out several times the first day. Just don't change it on a Friday or right before leaving for vacation.
Keep your a secret, even from friends or family members (especially children) who could pass them on to others who are less trustworthy.
Never provide your password over e-mail or based on an e-mail request. Any e-mail that requests your password or requests that you to go to a Web site to verify your password is almost certainly a fraud. This includes requests from a trusted company or individual. E-mail can also be intercepted in transit, and e-mail that requests information might not be from the sender it claims. Internet "phishing" scams use fraudulent e-mail messages to entice you into revealing your user names and passwords, steal your identity, and more. The credit union will NEVER ask for personal information from you in an e-mail. Never.
Do not type passwords on computers that you do not control. Computers such as those in Internet cafés, computer labs, shared systems, kiosk systems, conferences, and airport lounges should be considered unsafe for any personal use other than anonymous Internet browsing. Do not use these computers to check online e-mail, chat rooms, account balances, business mail, or any other account that requires a user name and password. Criminals can purchase keystroke logging devices for very little money and they take only a few moments to install. These devices let malicious users harvest all the information typed on a computer from across the Internet—your passwords and pass phrases are worth as much as the information that they protect.
This advice was adapted from the Microsoft website.