The question comes up at almost every cybersecurity meeting, seminar and discussion group: Is your password strong enough?
Research indicates many are not.
Passwords are the keys to your kingdom. Your identity, data and associated information can be unlocked by a single phrase or word. Once a fraudster identifies your username, which is often as simple as your email address, finding your password is their next conquest.
A quick search of your social media accounts might uncover your pet’s name, your mother’s maiden name or your favorite vacation spot. You become easy prey if those happen to be your passwords, parts of your passwords, or the answers to password security questions. Remember, fraudsters have all the time in the world and will take as long as they need if they believe the prize at the end is great enough. The simpler the password, the quicker it can take to get to that prize.
Believe it or not, here are the five most common passwords in 2019 according to CNN research:
Don’t even think of using these.
Instead, create strong passwords to make attacks more difficult. As simple as that sounds, it’s the best advice when it comes to protecting your accounts, data and the information of your friends and contacts.
That’s right, protecting your contacts is a matter of personal responsibility.
Once a fraudster has access to your contact list, they have the email addresses and phone numbers for other potential victims.
One particularly effective fraud tactic is to send an email containing malware to the email addresses in your contact list. Odds are that someone will click on that email, download the malware, and provide the fraudster with an additional treasure trove of information.
So, how do you protect yourself?
The key ingredients of a strong password are length (the longer the better) and a mix of letters (uppercase and lowercase), numbers and symbols. Avoid dictionary words and ties to your personal information.
Tips for Stronger Passwords and Safer Accounts
Here are additional tips from Consumer Reports:
- Go long and complicated – Try a long phrase that is only meaningful to you. Something silly like “Mydogdigs4rubberbones!” can be both effective and easy to remember.
- Don’t recycle – Use different passwords for your accounts. Recycling passwords creates vulnerability. Try a password manager app.
- Use two-factor authentication – Two-factor authentication (2FA) adds an additional layer of security. This typically entails entering a code sent to your smartphone.
- Don’t be too social – Be careful what you share on social media, and limit your posts to people you actually know.
Finally, an emerging password technology is the use of “passphrases” rather than passwords. Passphrases are a random collection of four or more short words that only make sense to the user. Because the words are random and don’t even make sense in a sentence, they are much harder to guess or replicate.
Protecting your information is as important as locking the doors to your home every night. The more obstacles you place in front of a fraudster, the more likely they will move on.
Knowledge and awareness are powerful defenses against cybercrime. For more fraud prevention tips and information, visit Regions’ Fraud Prevention Resources.
Jeff Taylor is the head of Commercial Fraud Forensics for Regions Bank.
The information presented is general in nature and should not be considered, legal, accounting or tax advice. Regions reminds its customers that they should be vigilant about fraud and security and that they are responsible for taking action to protect their computer systems. Fraud prevention requires a continuous review of your policies and practices, as the threat evolves daily. There is no guarantee that all fraudulent transactions will be prevented or that related financial losses will not occur. Visit regions.com/stopfraud, or speak with your banker for further information on how you can help prevent fraud.