Beyond the Password: Why We Need Better Computer Security
There might have been a time when standard passwords were adequate security measures for most computer applications.
Crooks can decipher passwords in many fashions:
- They use remote sniffers to record keystrokes — They cause you to download computer viruses that record your keystrokes or sniff out your password and cookie files before transmitting them back at their lairs.
- They look over your shoulder at cafes when you’re logging in. (“123456789” is pretty easy to spot … as is “qwerty.”)
- In some cases, they can just guess: If your children’s names are on Facebook, or your pet’s names, those are often enough for them to pry into an account. The word “password” is a lousy password. “Password1” isn’t much better. Don’t use them. Hackers will guess them every time.
- In other cases, crooks can use brute force computer programs that will try tens of thousands of number and letter combinations in an effort to break in to your account. Today’s computers are more powerful than ever, and some can break a standard password in mere minutes.
The stakes are higher than ever, too. Americans have more information hanging on a single password. One email address and password can get a hacker into your checking account, your retirement savings accounts, your Facebook and Twitter. If they get into one account, such as a PayPal account, they can then raid your PayPal, your bank or credit union account, and probably many other accounts. Throw in a PIN (It’s not your birthday, is it?), and things can get pretty bad, pretty quickly.
The financial services industry is constantly looking for ways to make your financial information more secure, without making your account too difficult for you to access yourself. Security versus access is a very difficult balance to strike, but it’s one we must always consider and improve upon.
As we do so, here are some things that you can do to help ensure your safety:
- Don’t use the same account login or password on multiple accounts.
- Don’t keep all your assets in a single account. Separate them and ensure they aren’t linked, so if a thief were to gain access to one account, they cannot gain access to the others.
- Use long passwords rather than short ones.
- Use special characters and mix up upper-case and lower-case letters.
- Consider giving unguessable answers to security questions. Hackers can figure out where you were born. Unless you type in “ogre” to throw them off.
- Create a utility email account that you don’t use publicly. This is the address you should give site operators to send password reset information. You might keep one email address for correspondence, for example, and one to receive financial and personal statements.
- Be careful about sharing email accounts with family members. Even spouses, children and parents have been known to abuse them.
Ultimately, keeping your passwords and IDs safe is your responsibility. Banks and credit unions may not be responsible for losses if you are careless with your PIN or if you neglect to report a known security breach. If you believe your account has been compromised, notify your financial institution immediately. The faster you report it, the faster the damage can be limited.
This article is for educational purposes only. Tulsa FCU makes no representations as to the accuracy, completeness, or specific suitability of any information presented. Information provided should not be relied on or interpreted as legal, tax or financial advice. Nor does the information directly relate to our products and/or services terms and conditions.