The Seacoast BankNote

A Guide to Password Protection

Reviewed by: Jeff Norris

Many individuals use their e-mail to send and store sensitive information such as tax returns, financial statements, medical information and other documents that contain information prized by identity thieves. In the wake of national retail and online publications experiencing security breaches, it is encouraged that users enable multi-factor authentication.

Get informed about the different ways to improve your password with the use of multi-factor authentication:

Password Protection

Authentication

To access many internet services, such as e-mail, online banking, or online shopping, you must first prove you are who you say you are.  This process of proving identity is known as authentication.

There are three types, or factors, of authentication:

  • Knowledge (something you know); Examples include passwords, pins and challenge questions answers.
  • Possession (something you have); Examples include debit cards, tokens and smartphones.
  • Inherence (something you are); Examples include retinal scans and fingerprints.

 

Traditionally, people only utilize the "Knowledge" factor and therefore are using "Single-Factor Authentication". The concern with using single-factor authentication is that many times an attacker only needs one piece of information, your password, to access your accounts.  Recent breaches have shown that simple single-factor authentication is no longer sufficient for protecting sensitive information. Additionally, if an attacker gains access to an e-mail account that receives password reset notifications and confirmations, all websites registered with that e-mail address could potentially be compromised.

Get the latest updates, offers and helpful financial tips.

Multi-factor Authentication

For e-mail accounts and other sites that store sensitive information, the second factor of authentication, known a multi-factor authentication, should be enabled.  Challenge questions are not a second factor because they still rely only on "Knowledge". The second factor must include the factors of possession or inherence. 

 Cyber Security and Multi-factor authentication

Recommendation

Seacoast Information Security recommends using a one-time text code sent to your cell phone anytime you authenticate from an unrecognized device.  In doing so, you will be better protected, because even if your password is stolen, the attacker cannot access your account without having physical access to your cell phone. Once your device authenticates, it is considered a "known" device, so it most likely will not ask for a code the next time you attempt to sign in. 

 

Next Steps

Many online sites now offer two-factor authentication, such as Yahoo, Dropbox, PayPal and Gmail. Google has improved their security with optional two-factor authentication, or what they call "two-step verification". Google’s two-step verification requires two things for authentication: your password, and your smartphone. This feature is not enabled by default. To enable this feature, log into your Google account, go into "Account Settings", select "security", and follow the options to enable two-step verification.   If any of the services you use offer two-factor authentication, please enable and use them.

loading...

Connect with a Local Banker.

Are you interested in contacting a local, Florida banker to discuss your individual financial needs? We’d love to speak with you. Schedule a consultation today.

Contact Form

Our Four Promises.

At Seacoast Bank, everything we do is based upon core beliefs summarized in the Four Promises we make to you. When you entrust your banking to us, we promise to:
right team to serve you
Get you comfortable with the right products and the right team to serve you
Make your day-to-day banking simple
Make your day-to-day banking simple
Resolve out-of-the-ordinary items responsively
Resolve out-of-the-ordinary items responsively
Invest in you and your community
Invest in you and your community