
How Secure is My Password?
It’s generally recommended that you change your password once every three months or so, but it can be easy to forget or push it off. You may be wondering if it’s really such a big deal? Yes, it is because cybercrime is on the rise. In a 2018 survey of adults, almost 33% said they personally had experienced a hack of their social media and email accounts. This may be because up to 50% of them use the same password for multiple accounts. Read this article to help you secure your passwords and online accounts before you get hacked.

LESSON CONTENTS
What makes a secure password?
Ideally, your password should be made up of a string of random letters, numbers and symbols. Some password manager websites recommend at least 12 letters, numbers and characters.
The most common password of 2020 was 123456. This password was used by 2.5 million users. As you might guess, hackers can crack this password in less than a second. Other common passwords for 2020 included:
- 123456789
- Picture1
- Password
- 12345678
- 1111111
These are weak passwords and can be cracked in a short amount of time. You also want to avoid using anything that would be easy to figure out such as your birthday, your spouse’s name or birthday or your kids’ birthdays.
How do hackers steal passwords?
Hackers are a creative and technologically adept bunch. There are all sorts of ways a good, or even an average hacker can crack your password. Here are some of the most common ways.
Brute force attack
A hacker will simply try to guess your username and password, often by using programs. This allows them to try many combinations of letters and numbers until they find one that works.
Dictionary attack
A dictionary attack is similar to a brute force attack, but it uses a list of passwords that have a high probability of success. They use all the most common passwords, plus passwords like popular sports teams, organization names and other easy-to-remember passwords people like to use. They often try variations of spring, summer, winter and fall in the corresponding season because they know some people do change their passwords with the seasons.
Phishing
Phishing is when someone tries to get your personal information by asking you to click a link or verify information over the phone. Many cybercrimes begin with phishing attacks. These emails often say there’s a problem with your account and your response is needed, or sometimes they send you a fake invoice for something you know you didn’t order. Then they ask you to click a link. If you have any questions at all about whether an email is legitimate, it’s best to go to the company’s website and log into your account there. Don’t click anything.
Credential stuffing
Credential stuffing tests databases or lists of stolen credentials. Hackers can purchase these lists and personal information from the dark web or other illegal sources. If you use the same password across multiple accounts, they have access to all of them.
How to Create a Secure Password
These are the steps you should take to create a strong password:
- Passwords should be 16 characters or more.
- Use a combination of random letters, numbers and symbols.
- Also use a combination of upper and lower case letters, LiKeThiS.
- Don’t share passwords with anyone.
- Don’t use passwords that contain any personal information, such as your maiden name, your address or your pets’ names. Anyone can find this information on social media.
- Do not use the password “password” or “PaSSwOrd.” Do not use the same letter or number repeated over and over, such as aaaaa or 12121212.
You should change your passwords every so often, and don’t reuse passwords you had before. Some experts say you should change your password every three months, while others say if you have a strong password you don’t have to change it unless it’s been compromised. This is especially true if you use multi-factor authentication.
You can also use a password strength checker. These are available online and some of them are free.
What else should I do to protect myself online?
You’re probably wondering how you’re going to remember these random strings of letters and numbers for all the websites you visit. The answer is a password manager. These can keep your passwords safe in an encrypted vault, and you can change and update them as often as you like. Some password managers will fill your passwords in for you and look for weak or compromised passwords and send you an alert if it finds any.
What else should you do to keep yourself protected from online criminals?
Use antivirus software
Antivirus software will scan your computer for malware, ransomware and other security compromises.
Use a VPN
A VPN is a Virtual Private Network and using one will prevent hackers from keeping track of all of your online activity. A VPN creates a private network from a public internet connection and keeps your information hidden. Many people check their emails and surf the web using public Wi-Fi when they’re waiting for their kids, in restaurants or at coffee shops. A VPN will hide your browsing history and scramble your data so it remains private. Some VPNs are free, and some charge between $5 and $14 a month.
Don’t click on any links in emails that look suspicious
The following brands are the most likely to be impersonated in a phishing attempt:
- Microsoft
- DHL
- Roblox
- Amazon
- Wells Fargo
- Chase
- Apple
- Dropbox
If you get unsolicited emails from any of these companies, you should be suspicious. You could forward the email to the actual company and ask them if it’s real. If it is, they’ll contact you and if it’s not, they have a security team that keeps track of these things. If you get a suspicious email from Amazon, for example, you can forward it to stop-spoofing@Amazon.com.
Be careful with social media
It’s tempting to share personal information on social media—after all, wasn’t that what it was created for? Be careful not to post personal information that can be used to guess your passwords or steal your identity. Remember that after you post something, it’s there forever. You should still be vigilant even if your profile is set to private.
Staying safe online doesn’t have to be difficult. Use a strong, unique password for every site you visit, and use a password manager to keep track of them all. Be safe.
Related Resources
View All
What is a social engineering attack?
A social engineering attack is a certain type of malicious attack that relies on human error. Hence the word “social.” Human beings are designed to make mistakes, especially when using the internet or corresponding online, and cyber criminals will try and take advantage of the situation. Learn how to protect yourself and others from a social engineering attack.

How Can I Protect My Elderly Parent's Money?
If you have an aging parent or loved one, it’s important to help them protect their savings and assets from fraud and mismanagement. Elderly individuals with dementia or Alzheimer’s disease may have trouble managing their money. Others may have trouble hearing, seeing or using technology, which can make them vulnerable to online hackers and scam artists. If you are worried about your parent’s ability to manage their finances, take these steps:

Five Holiday Scams to Avoid
The holiday season is one of the busiest times of year, especially as people shop, gather, exchange gifts and travel. Scammers and criminals see it as an opportunity to steal your personal information or try to trick you into sending money. Read this article to learn more about common holiday scams and how to avoid them.

What are the Benefits of Contactless Cards?
Contactless credit and debit cards are becoming more widely accepted at point-of-sales systems across the country as retailers adopt this form of payment processing. Read this article to learn more about contactless cards, how they work and how they help safeguard your transactions from fraud.

Don't Be Fooled: Know What Information Ent Will Never Ask You For
Here at Ent Credit Union, we go to great lengths to protect our members. A new scam has started affecting some of our members, and we want to help you stay safe. Learn how to protect your financial and personal information online, so you don’t have to worry about a stranger taking your money. Instead of robbing banks with black hoods over their faces, today’s thieves spend their time scamming everyday consumers and businesses out of their hard-earned money. Suspicious calls, texts, and emails can catch some people off guard, giving fraudsters a chance to drain their bank account.

What to Do if You Think Your Elderly Parent Is Being Scammed
Millions of seniors are scammed out of their money every year in the United States. Elderly individuals tend to be more susceptible to financial scams. They also tend to have more assets, including owning a home, financial savings and good credit after a lifetime of work. Older Americans suffering from medical conditions such as Alzheimer’s or dementia may also get confused when managing their money. Others may have trouble using the latest technology, including mobile banking apps, email or the internet. Use this guide to protect your aging relatives from scams targeting seniors.

Top 10 Financial Scams Targeting Retired Adults
Senior citizens and retired adults are often prime targets for digital hackers and con artists looking to defraud those that they consider vulnerable. These criminals often try to take advantage of these individuals costing them their life savings, which can lead to debt and other financial hardships. If you know someone who is retired, learn about the leading scams targeting them and how they can be identified.

Common Scams that Prey on College Students
College students may be vulnerable to online scams and predatory behavior. Many students may be living on their own and managing their money for the first time. They may not be familiar with the warning signs of fraud, which can lead to all kinds of unfortunate outcomes, including identity theft and scam purchases. If you or someone you know is getting ready to go to college, use this guide to help protect yourself from common scams that target college students.

Help I've Been Scammed! What Should I Do Now?
So, you believe you’re the victim of a scam—what do you do now? Online scams are becoming increasingly common as online scammers and hackers look for new ways to trick consumers into handing over their personal information. If you’ve been scammed, you might have noticed an unauthorized transaction posted to your bank account or your funds may be lower than expected. There’s also a chance that you sent your personal information to the wrong person by mistake, including your debit and credit card numbers, bank account information, Social Security number, phone number or email address. If you notice a problem with your account, there are several ways to rectify the situation. Follow these steps to secure your money before the scammer has a chance to make another withdrawal.

Mobile Banking Safety Tips
More people are using mobile banking apps and websites than ever before. Many people prefer to manage their money online using a mobile device rather than visiting a local service center in person. You don’t have to deal with traffic or wait in line to use the ATM. Banking apps are as safe as the financial institutions they represent, but you need to be careful when sending and sharing your information online. Use these safety tips to enjoy the benefits of Ent mobile banking without putting your finances at risk.

How Secure is My Password?
It’s generally recommended that you change your password once every three months or so, but it can be easy to forget or push it off. You may be wondering if it’s really such a big deal? Yes, it is because cybercrime is on the rise. In a 2018 survey of adults, almost 33% said they personally had experienced a hack of their social media and email accounts. This may be because up to 50% of them use the same password for multiple accounts. Read this article to help you secure your passwords and online accounts before you get hacked.

EMV Chip-Enabled Debit Cards: How EMV Technology Keeps You Safe
Today, most debit and credit cards have multiple ways to transmit data and authenticate a payment. One such way is the small, square computer chips you see on the card. This is called an EMV chip and is used to help protect the user from fraud. Read this article to learn more about how EMV chips work and how they help keep your information safe.