Be Safe Online

Password Safety

Many consumers don’t take password security seriously enough. Easy to guess combinations like “password1,” “123456”, and “qwerty” routinely top the lists of the most frequently-used passwords.


Hackers can now easily crack just about any six-character password. The longer and more unique you make your password, the harder it is for bad guys to guess it. Here are some guidelines for creating effective passwords:

  • Make your password long and unique. The longer your password, the better, but it should be no shorter than eight characters. For maximum security, your password should contain a mixture of upper- and lower-case, numbers, and special characters. Alternatively, you can use a long string of four or five random words. Just be sure the words are really random—if you’ve thought of “four score and seven years ago,” so have the hackers!
  • Stay away from common words and personal information. Your birthday, your pet’s name, the name of your school—most of these types of passwords can be easily deduced from your social media posts or other online information. It’s best to make your password completely random.
  • Don’t re-use passwords. With all of the sites that require logins, it can be a real challenge to create a unique password for each. However, at the very least, you should keep unique passwords on your email accounts and online banking sites. That way, even if a hacker gets a password to one of your sites, he can’t access your email to intercept any email alerts, and he won’t be able to get at your bank/credit union accounts.
  • Use Multi-Factor Authentication (MFA) where possible. MFA requires not only your password, but something you have, typically your mobile device. If a login is attempted from an unrecognized device, a confirmation code will be sent to your phone. That keeps hackers from logging in with just a password. FPCU’s Digital Banking uses MFA by default. Many major email services and websites have MFA available, but you often need to enable it.
  • Change your passwords regularly. Again, this can be a challenge with a large number of passwords, but the more often they are changed, the less likely it is that a hacker will get his hands on a valid password.
  • Consider a password manager. Password managers are apps that create very long, random, highly secure passwords, and automatically enter them into sites you visit, so you don’t have to remember them. Using a password manager takes care of many of the above items: they create unique, secure, easily changed passwords and store them securely. There are many password managers available; an online search will easily find reviews and information. Password managers don’t work with every site, so choose the option that’s right for you. If you use a password manager, access to it is protected by—of course—a password, so be sure to make it the strongest password you can!

Protect Your Devices

  • Use a firewall. Most modern operating systems (like Windows 7 and higher, or Mac OS X) have a built-in software firewall, which protect your computer from unauthorized intrusions from the Internet. Most routers and cable modems also have a hardware firewall which affords an extra layer of protection. Make sure your firewalls are enabled (check with Microsoft, Apple, or your hardware provider for instructions), and be cautious about installing any programs that wish to turn off or modify your firewall.
  • Keep your anti-virus software up to date. While anti-virus software can’t protect against every threat, keeping the software updated will minimize your chances of picking up a virus.
  • Lock your computer and devices. Create a password or passcode for your computers and mobile devices. While that may cause some minor inconvenience, if your computer or device is ever lost or stolen, a stranger won’t be able to access your personal data, photos, contacts, etc.
  • Be careful with public Wi-Fi. Most people don’t realize that anyone on a public Wi-Fi network can potentially see your activity if you don’t take precautions. First, avoid entering any passwords or personal information while on a public network, but if you do, be sure that the site address starts with https and your browser displays a lock (that means it’s a secure connection and the data is encrypted). Second, change your device settings to keep it from automatically connecting to hotspots. That puts you in control of deciding whether or not you want to connect. Third, more advanced users may consider using Virtual Private Network (VPN) software or app, which encrypts all of your Internet traffic.

Set Alerts

Financial Partners offers a variety of alerts through Digital Banking which will notify you when activity happens on your account. You can set notification types and thresholds (for instance, be notified when there is a debit card purchase over $500), and you can receive emails or text alerts. Many other financial institutions offer a similar feature. By using alerts, you will know quickly if any unauthorized activity has taken place. 


Return to Security Center