Archive for Identity Theft

3 Steps to Strong Passwords You Can Remember

Passwords are the house keys to your online accounts, and when they’re hacked, intruders can break in and wreak havoc.

Women typing on computer

Photo Credit: http://ow.ly/SBlC30gQ8mN

To create strong passwords, you have to strike a balance between making them difficult for others to guess and making them easy enough for you to remember. Many people favor simple ones at their own risk: “123456” and “password” have remained the two most common passwords for six years, according to password security company SplashData.

Unlike many other security measures on websites, a password is one you have full control over. And given that over 1,000 data breaches happened in 2017 alone, according to the Identity Theft Resource Center, it might be time to strengthen your passwords. Here’s how.

How to make a foolproof password

1. Start with a sentence

Despite the “word” in “password,” it’s better to think of starting with multiple words. Some websites require only six or eight characters for passwords, but that doesn’t mean it’s a recommended length.

» MORE: How to make online banking more secure

When it comes to passwords, “longer is better,” says Richard Crone, a payments expert and CEO of Crone Consulting LLC. “And the way to do that is to use a sentence structure.”

Pick a sentence that’s memorable but doesn’t have details that relate too closely to you. Avoid using birthdays or the names of pets or family members, and feel free to be creative. Here’s an example: “cats do not like cucumbers.” Then, take out the spaces, “catsdonotlikecucumbers.”

“It’s really the length and the unrelatedness that gives you the best protection,” Crone says.

2. Avoid using real words

Change how your sentence looks by removing all the vowels, or only use the first one or two letters of each word. Don’t use dictionary words, which makes your password easier to guess.

The previous example becomes “cadonolicu” if you’re using the first two letters of every word in that sentence.

3. Mix in numbers, symbols and uppercase letters

Bring in a variety of characters to your password. Some websites have minimum requirements so you need to use at least one capital letter, one lowercase letter and a number. You might have to add a symbol like a period or exclamation point, too. As you mix it up, don’t repeat letters, numbers or symbols right next to each other.

By capitalizing some letters, replacing the “l” with an exclamation point and turning an “o” into a zero, the sample password becomes “CaD0No!icU.”

Use a password manager

The steps above help when you’re creating one really strong password, but remembering a dozen or more such passwords might make your head spin. That’s why you might want to consider using a password manager such as LastPass or Dashlane. There are free options, but some features are available only for purchase.

Think of a password manager as a bank vault that creates and stores long and complex passwords so you don’t have to. The only password to know is the one that unlocks the vault. Once you type that one, you can log into whatever online accounts you decide to keep on the password manager.

If you don’t use an online password manager, consider writing down complex passwords and storing them in a safe place such as a locked cabinet at home or in an encrypted file on your computer. These passwords should be difficult to access as well as to guess.

A password is “like scrambled eggs,” Crone says. “The more you fluff it up and spice it up, the better.”

The article 3 Steps to Strong Passwords You Can Remember originally appeared on NerdWallet.

Connect with us on FacebookInstagramTwitter, or YouTube!

Everything You Need To Know About The Equifax Breach

Proactive Steps after the Equifax Data Breach

 a lock

Photo Credit: http://ow.ly/cjx530f5RQD

In a recently revealed breach, the scope of which the country has never before seen, 143 million Americans may have had their personal information exposed.

Equifax, one the nation’s three major credit reporting agencies, reported a massive data breach that lasted from mid-May through the end of July. Hackers were able to access people’s names, Social Security numbers, birth dates, addresses and even some driver’s license numbers. They also stole credit card numbers of approximately 209,000 people and dispute documents containing personally identifying information of 182,000 people. It wasn’t just Americans who were targeted – the hackers also got their hands on personal information of some UK and Canadian consumers.

Right now, the situation is still developing and there are many more questions than answers. Researchers are seeking explanations for the site’s outdated security system, an accurate number of those affected and the impact this will have on the future of credit reporting.

Meanwhile, though, people are wondering if they’ve been affected and what they can do about it. If you have any type of credit product such as a credit card, mortgage or auto loan, there’s a chance your personal information may have been compromised. Instead of panicking, though, it’s best to learn all you can about this data breach and then take the proper and practical steps toward protecting yourself against future damage.

If this sounds daunting, take heart – Section 705 FCU is here to help! We’ll walk you through some suggested steps and clear instructions for what you can do now.

1.) Find out if your information was exposed

You can do this by visiting an Equifax created website for sharing information about this issue, equifaxsecurity2017.com. Click on the “Potential Impact” tab and enter your last name along with the last six digits of your Social Security number. The site will tell you if you’ve been affected by the Equifax breach.

Since your SSN is sensitive information, be sure to complete this step only on a secure computer that uses an encrypted network connection. Once you’re visiting the Equifax informational site, you’ll also find easy access to frequently asked questions about the breach. In addition, Equifax has set up a call center to assist consumers. The call center’s hours of operation are 7 a.m. to 1 a.m. daily (weekends included), Eastern Time. That number is (866) 447-7559.

2.) Sign up for free protective services

Whether your information was exposed or not, U.S. consumers are being offered a full year of complimentary credit monitoring and other services through Equifax’s TrustedID product. The site will provide you with a date to return and sign up for these services. Be sure to follow up on the designated date because the last day for enrollment is Nov. 21, 2017.

The protective program includes the following features: Equifax credit report copies; three-bureau credit file monitoring, providing automated alerts of any major changes in your credit reports; Equifax credit report lock, preventing third parties from accessing your Equifax report; Social Security number monitoring, which performs online searches of suspicious websites that may list your Social Security number; and $1 million identity theft insurance, which covers some expenses in the event of a stolen identity.

Be warned, though, that the fine print of this service contains a catch. The terms of service agreement for TrustedID states that enrollees must employ arbitration over civil courts in order to settle any disputes. Critics of the company argue that Equifax is taking advantage of victims by forcing them to sign over their rights. You may, however, decide that the benefits offered by this service far outweigh its negative fallout.

3.) Place a credit freeze or a fraud alert on your files

If your information has been exposed, consider placing a credit freeze on your credit bureaus. This will make it more difficult for someone to open a new account in your name, though it won’t stop a thief from making charges to your existing accounts.

Instead of a credit freeze, you can choose to place a fraud alert on your files. This will warn creditors that you may have been victimized by identity theft, alerting them to verify that anyone seeking credit in your name is really you.

Even if the Equifax site did not tell you you’ve been exposed, it’s always a good idea to closely monitor your credit card and financial accounts for charges you don’t recognize.

4.) File your taxes early

Tax identity theft is more common than you think. If your SSN was accessed in this breach, it’s best to file your taxes as soon as you have all the necessary tax information. Don’t let a scammer use your SSN to get their hands on your tax refund. Also, be sure to respond immediately to any letters you receive from the IRS, though be suspicious of any emails or phone calls claiming to be from the IRS, as the IRS will not initially notify you using such means.

The Equifax breach may be one of the worst the US has ever seen, but by taking the proper steps toward protecting yourself, you can minimize any potential damage.

 

Interested in more stuff like this? Connect with us on Facebook, Instagram, Twitter, or YouTube!

 

SOURCES: 
https://www.consumer.ftc.gov/blog/2017/09/equifax-data-breach-what-do
http://thehill.com/policy/cybersecurity/349869-five-questions-about-the-massive-equifax-breach?amp
https://motherboard.vice.com/amp/en_us/article/mbb8vv/want-to-know-if-your-ssn-was-included-in-the-equifax-breach-good-luck
https://aaacreditguide.com/equifax-data-breach/