Languages

Support on this site for Internet Explorer 7 and Internet Explorer 8 will end on April 26, 2017. You must update your browser prior to then to continue accessing ubt.com and UBTgo Online Banking. Learn More Here >>

Build Better Passwords

Heather Kadavy,

September 02, 2015

Managing Your Money

Articles

Information Security is about safeguarding data and one of the best ways to do that on line is to protect your Passwords. You can make yourself less vulnerable to attack by following some quick tidbits:

  1. 1. Your tricks aren’t a secret: You may think that replacing the word “to” with “2” or the word ate with “8” is a crafty but so do hundreds of other people. Criminals know that we as humans have a hard time remembering the bevy of passwords needed in today’s world, so variations of the word “password” or using our dog, cat, family member’s names just don’t cut it in today’s electronic security arena.

  2. 2. Mom’s rules about sharing and telling the truth don’t apply: Never share your passwords with anyone for any reason. If provided, use answers to your challenge questions as a layer of security. This means use answers not publically known by your friends and family and avoid answers found on your Facebook, LinkedIn or other social media sites. For example your favorite animal might become “hedgehog” rather than the common dog, cat, fish, or bird.

  3. 3. Security Best Practices are necessary – Stay current: Passphrases trump Passwords
    • Avoid dictionary words or common phrases, rather think of passwords in long sentence formats. For Example:
      George Strait is a Great Performer 120% of the Time – becomes GSis@G8P120%T
      Pink is a better performer than a color – becomes P^k7s@bptaC
    • Longer is Stronger
    • Go beyond your four, six, eight character passwords. 11 is the new 8.
    • There are more special characters than “!” and “*”, use them.
    • Replace expected numbers with those beside or above the letter – i.e. everyone expects “i” to be the number 1 but try 2, 7, 8 or 9 instead.
    • Different & Change is Good
    • Always maintain different passwords between “Personal”, “Work”, “Financial Transactions” and “Internet-Social Media fun” so if one is breached you are still protected in other areas.
    • Stale passwords open the door to compromise so change them often.
  4. 4. No don’t write them down!
    Can’t remember all those passwords, consider if a password management tool is right for you. A password manager acts like a virtual safe. It takes your usernames and passwords and encrypts them in a database which is stored on your device or in the cloud. You create one user code and password to remember and it allows you to open the virtual safe where you can access the list of your various user codes and passwords. The important thing to remember is the tool must provide for encryption, it must be actively updated and patched so you are always using the latest version, and it should not combine your personal and work credentials. If you are interested in a personal password management tool – do your homework before choosing one off the internet.

  5. 5. Prepare yourself for a breach: If for any reason your password has been compromised, change it immediately and notify appropriate personnel. For example at work - your helpdesk, Financial Transaction sites - your bank, Credit Card Company or investment company, a fun or social media Internet site – their fraud/security team.

Stay alert! You are the target of any criminal attempting to take on your identity and commit theft. By demonstrating your commitment to information security personally, you are in essence, protecting yourself and your own piece of mind.

Back to Top

Add new comment

I have an android-type phone. What password management app do you recommend ? I checked the app store and there are so many and most have a 4-star rating. But I don't want to just pick one. I'd rather have it recommended. Please advise. I have an account with Union Bank. I loved your article on passwords !!

Due to a game I was playing with some IT Techs I had about 10 email addresses plus my normal financial links and ended up with 10 separate passwords I couldn't remember so I went back and changed them all to one or two strong ones that I can remember.and canceled all the extra emails I don't use. It makes it a lot easier. I don't trust those password storage sites.

1Password is a great password management application, and you can use it on any platform. It's not free, but it's worth every penny. More info: https://agilebits.com/onepassword

Check out this article on their blog on making strong passwords: https://blog.agilebits.com/2011/06/21/toward-better-master-passwords/

Hi Richard, we reached out to our IT Security staff, who provided the following response:

"...Richard can't go wrong with either of the top two password managers for Android Lastpass (https://play.google.com/store/apps/details?id=com.lastpass.lpandroid&hl=en) and Keeper (https://play.google.com/store/apps/details?id=com.callpod.android_apps.k...).

Both are cross-platform (meaning you can not only run on your phone, but from personal computers as well), will scan your vault to check for weak passwords and help you create more secure ones and support two-factor authentication for extra security. Both do charge an annual fee for full app features on android (lastpass $12.99 and Keeper $9.99), but these are very reasonable fees for the features and support."

Thanks for posting and for keeping your information safe!

This blog article is for informational purposes only, and is not an advertisement for a product or service. The accuracy and completeness is not guaranteed and does not constitute legal or tax advice. Please consult with your own tax, legal, and financial advisors.