This is how to create a strong password for online banking
The following are all strong passwords
Our online banking accounts deserve the utmost security. These types of accounts must be secure at all costs. It’s easy to create a strong password for online banking accounts. So, if it’s easy; why do so many people use weak passwords and leave their accounts vulnerable to hackers and other bad actors?
The following are NOT strong passwords
Even after people learn the hard way, by having a weak password hacked, they still don’t create a strong password for their online banking accounts. Or, any accounts for that matter. The following statistics (thanks to DataProt.net) that I have researched and discovered are hard to believe. Here are some key statistics that indicate for one reason or another the password habits of the typical user are poor.
- 23 million account holders still use the password “123456”.
- 50% of people use the same passwords at work and at home.
- 57% of phishing scam victims have not changed their passwords.
- 70% of users use the same password on multiple accounts.
On top of those statistics, some other facts stand out. More than half of users rely on their memory to manage their passwords. More than a third of all users have more accounts than they can manage. And, a majority of users are concerned about their passwords getting hacked. A lot of those users still do not create a strong password for their online banking accounts.
Yes, people do use these. Forbes Magazine published “The World’s Top 100 Worst Passwords” and most of the above passwords were on it. Yes, people were actually using these as their passwords, sometimes they were using them for online banking accounts.
Now, it’s true that if you are a victim of identity fraud, it’s most likely a malicious actor has bought your password from a scrupulous dealer on the Dark Web. But it’s still important that you create a strong password for online banking accounts. Why make it easy for hackers or someone that wants to hurt you or your reputation. They say that locks simply keep honest people honest. Well, that’s partially true of strong passwords.
A strong password is unique and complex
- What is a unique password — The answer to this is simple. But, the actual practice of doing it is not. Simply put, a unique password is one that is used only one time, for one site, and not repeated again for the current site or other sites. It’s not just necessary to create a strong password for your online banking, but for all accounts and applications. It takes extra effort to make your passwords unique, but it is critical for avoiding and costly compromises.
- What is a complex password — There are several factors to consider. A complex password uses multiple types of characters in different ways to create a secure password. It is recommended to use at least three of the following different character types: 1) uppercase letters, 2) lowercase letters, 3) numbers, 4) special characters. A complex password is also long. Some say 8 characters is long enough. However, it is so simple to make it longer why not do it. I recommend a length of at least 12 characters. Don’t hesitate to use ALT characters, they add extra security.
Note: An example of using Alt characters in passwords is like this:
Let’s take the following password for example: “Pr9DoG5xKND9¢” The “¢” is created by holding down the Alt key and typing 155 (Alt+155). There are hundreds of Alt characters that can be used. This method is exceptionally secure. Not all sites and applications accept special Alt characters as part of a password, but if they do use them. Alt characters can be included to create a strong password for online banking accounts.
Use a password manager to create and manage a strong password for online banking accounts
In this article, we have learned what a strong password is and why we should always use a strong password. However, creating strong passwords that are unique and then remembering them is not easy. Sure there are ways of doing it that people use and they work for them. For instance, a colleague of mine uses two interesting methods.
Method #1: Make a password from a long sentence, phrase, or song
They create a password from a sentence. They realize that is important to create a strong password for online banking accounts, especially. They use a sentence to create a strong password because they find it easier to remember. What they do is take the first letter of every word used in a sentence then add additional characters. They vary the case and incorporate symbols and special characters to create their password.
For instance, if you like amusement parks you try this: “At the amusement park yesterday we enjoyed five different rides in the period of two hours”, which turns out to be “@Tapywe5drit.O2h”. My colleague always uses this or a similar method.
Another method they use is create a password from a personal statement or makes up a reminder note like this: “Honey, please remember that our fifth wedding anniversary is on the ninth this month at the hotel where we had our honeymoon”, which translates to this: H,prto5thwaiot9thtm@thwwhoh. This method creates very strong passwords that can be remembered.
Method #2: Use patterns that you draw on your keyboard
This works well because patterns are easy to remember, and when done on a keyboard it allows you to enter your password while drawing your pattern. The shapes you make up could resemble geometric patterns, letters, and numbers, or even a simple drawing. This method will create a strong password that can be used for online accounts, including online banking.
So, these methods work for my colleague, but will they work for everyone. Probably not. Both processes still take extra time, as compared to just using your same old simple password for all your online accounts. And, you still have remember the sentences, and patterns. If you use unique passwords for all your accounts, well that’s a lot to remember.
So the solution is to use a password manager. A password manger can create strong passwords and store them for you for all your different online accounts. It makes it easy to always use a unique and strong password for all your online accounts. That means unique and strong password creation for all your accounts and applications, not just your important online banking accounts.
What to look for in a password manager
◙ Able to generate long and unique passwords — For starters, a password manager needs to be able to create unique, long, and complex passwords for all your online accounts. That means the password manager must have a password generator built into it. A good password generator allows you to choose the length of passwords, types of characters used, or not used.
◙ It must protect your passwords from prying eyes — Nobody should have access to your passwords except you. The passwords must be stored securely. That means they can only be accessed by using a strong and unique master password. The master password is the only one you need to remember. It also should offer options to use multi-factor login authentication, including a physical multi-factor device like a Yubi-Key, or similar technology.
◙ It should incorporate a secure cloud technology — This allows you to use the password manager on several different devices. It ensures that the password manager is always up-to-date with the latest passwords for each site, application, or account. The company that provides the password manager and cloud service should not have access to your passwords. Cloud services should use end-to-end encryption techniques.
◙ Ability to change passwords with the click of a button — Should have an option to change a single password or multiple passwords at one time.
◙ Should offer browser extensions — This allows easy access to autofill and password generation within different browsers.
There are many password managers available on the market. I use a product called Dashlane. But there are also open source products available like the KeePassXC project. KeePassXC project has not undergone a formal audit, as of November 2020, so if you are going to use it across multiple devices it may not be the best choice. If you use a password manager at your workplace be sure to check with your IT department about in-house policies and rules. They may also have some good suggestions about which password manager to use.
Use a solution that will notify you when your password has been part of a data breach
There are password management solutions that will monitor the Dark Web for your account passwords and email addresses. When major data breaches happen to companies the stolen information often is available for sale on the Dark Web marketplaces. When your information is found on the Dark Web it is necessary to immediately update contact information and passwords on any affected accounts. If this happens and you are using unique passwords for all your different accounts the dangers and risks are manageable.
How to Create a Strong Password for Online Banking
◙ Don’t use obvious information like a birthdate or a pet’s name.
◙ Use a unique and complex password for each account.
◙ Change your passwords periodically.
◙ Use a password manager to create and manage passwords.
◙ Don’t use short passwords, use at least 12 characters.
◙ Use Multi-factor authentication solutions.