In the last couple of years, we’ve heard a lot about how easy it is to hack our emails, Facebooks, and other personal information. I’ve gotten letters from my bank and my health care provider about their systems being hacked within this calendar year. If my bank specifically asks for a specific action, such as me changing my password, I follow through. But other than that, I don’t pay the whole ordeal too much attention. In my mind, it’s 2016, and these things just happen, at this point. Yes, I’ve read articles about how I perhaps shouldn’t connect to every app through Facebook or I should change my passwords every six months, but I don’t pay enough attention to that advice, especially when it’s so simple to just tap the “connect with Facebook” option.
Quartz, a digital news outlet targeting business professionals, recently published an article about how easy it is to gain access to your checking account, and the results were a bit alarming. While I think it’s important to absorb all of this information intelligently and be discerning about research of this nature, I don’t think it’s a good idea to ignore it altogether. While hacking stories admittedly surface all the time, there’s a good reason for them. In 2014, CNN Money reported that “47% of U.S. adults had their personal information exposed by hackers.”
Quartz set out to show that while banking security should be a top priority for banks, there are top financial institutions that are not doing as much to protect our information as we might hope. Quartz took an in-depth look at banking password requirements and found that most accept basic, easy-to-hack passwords. They scrutinized each banks’ password requirements to find which banks allowed passwords that are easy to target.
“Here are the simplest possible passwords we could come up with that each bank would apparently accept:
- JPMorgan Chase: Abc098xy
- Bank of America: Qwerty12
- Citibank: a12345
- Wells Fargo: aaa111
- PNC Bank: aaaaaaa1
- TD Bank: password1″
For an exact list of password qualifications for each major bank, consult the chart QZ provides. Their findings said Chase passwords would likely be the most difficult to crack because their system does not allow common passwords like “password1.”
Quartz explains the exact ways in which hackers extract password information, including a “rainbow table” method, and the practice of setting up their computers to generate millions of password iterations. Most of Quartz’s findings suggest that passwords that are less obvious are harder to crack, and a hacker is more apt to not bother trying. Quartz says,
“After the infamous data breach at Ashley Madison last year, researchers were able to crack the encrypted passwords for 11 million of the 36 million breached accounts within a few weeks. The passwords they couldn’t crack so quickly were those that were longer and more complex.
The trick is to use passwords that are long and complex enough that they’d take too long for hackers to bother to crack.”
So, the first solution is just to make your password less intuitive, or commonplace. While it may help if banks set stricter password requirements, I think the responsibility is partially on us to be aware of this problem, and to be forward-thinking enough to pick less obvious passwords to protect our personal finances.
I looked up other ways to protect ourselves from credit/debit card and checking account hacking, and in a recent article on hacking, Jose Pagliery, CNN Money’s tech expert, offers a few additional solutions:
“1. Don’t use your debit card to pay at businesses you don’t trust. In fact, some would go as far as saying ditch your debit card. Don’t use it for shopping — physically or online. Jose says your safest option is payment via your phone — Apple Pay or Google Wallet. If not, use a credit card.
2. Only take out money from your own bank’s ATM.
3. Check your account often and call your bank immediately if you suspect fraud.”
I am not about to ditch my debit card altogether, but in addition to having fairly hard-to-guess passwords, I also never use a debit card while shopping online, and I need to get better about which ATMs I trust. From the outline of the problem in the Quartz article, to the preventative measures suggested by the CNN Money piece, I think the key learning here is that we need to be aware of the dangers of hacking, and how simple it can be to take our information. In this situation, I think the theory that “an ounce of prevention is worth a pound of cure” applies. It’s better to have a strong password and use your cards wisely than it is to have to deal with getting hacked.
Image via Pexels