Rest Confident, Your Money is Safe and Secure at Kirtland Credit Union, a message from our President & CEO. Learn More

All Kirtland CU branches and locations will be closed on Monday, September 2 in observance of Labor Day.

Our TellerPhone service is experiencing intermittent issues.  We are working diligently to resolve. Please use our Online and Mobile banking services. We apologize for any inconvenience.

Using social media is a favorite way for a fraudster to scam individuals. Learn how it works and how to protect yourself on our Fraud Awareness and Prevention Center.

If you have been financially impacted by the wildfires and floods in the Ruidoso area, we have options available to help. Call us at 1-800-880-5328 to learn more.

Welcome To The Insighter!

Explore the latest happenings at Kirtland CU and learn about important topics from around the financial world. Here’s your insight! To learn about retirements, investments and financial planning, check out Invested now.

Protect Your Money: It Takes Two (Factor)

By Ashleigh, K-Staff

Facebook
Twitter
LinkedIn

As cybercrime and identity theft continues its relentless increase in both prevalence and sophistication, are you taking advantage of all the ways you can increase security for your own accounts?

Passphrases > Passwords

‘Password’ is a terrible password. So is 123456 (alarmingly, the most common password in the nation). Why? Because these passwords are simple and easily guessed. And while an overly simple password is easy to remember, choosing one is the equivalent of installing a lock made of cotton balls on your front door—not what you want protecting your identity and your money. The problem is that long and complex passwords are not only difficult to guess (which is good) but difficult to remember (bad for the user).

The National Institute of Standards and Technology has recently revised its recommendation of using complex passwords in favor of using a passphrase—a sequence of words and other text. Passphrases are naturally much longer than passwords, making them more secure (usually).  Longer passphrases result in more “randomness” generally, making it hard for computers to figure it out—shoot for 4-5 random words (not ones that form a sentence or borrow from quotes or sayings).

The difference between passwords and passphrases is eloquently illustrated by science comic blogger Randall Munroe (XKCD):

If you have the option to use a passphrase (no requirements for special characters and no limit on length) do so! You will likely find that many of your apps and websites have yet to implement this change in recommendation with their own password requirements, so if you cannot choose a passphrase, make the password as random and as long as possible and avoid these common pitfalls:

  • Don’t use family names, birthdays, or other information that could be found elsewhere. (Make it hard to guess.)
  • Don’t use the same password for every application. (Make it unique.)
  • Don’t use short or common passwords like QWERTY or 123456. (Make it strong.)
 

If you have access to a password protected computer, you can use a password manager like Dashlane or LastPass to generate and remember tough passwords for your logins. Some browsers will also generate and remember your passwords if you ask it to, but be careful about using this functionality if anyone else has access to your computer. And DON’T use this option if you’re on a public computer or connected to unsecured Wi-Fi. In fact, don’t log into any program while connected to an unsecured Wi-Fi. It’s scary easy to steal information over an unsecured Wi-Fi connection.

The Two-Factor Option

Have you set up two-factor authentication yet? Many programs now offer this secure method of login, and you should be taking advantage of it. Google, for example, offers two-factor authentication: when you type in your Google password to log into Gmail or another of Google’s apps, you’ll also be asked for a second entry of a six-digit code that is texted to your phone (or sent to you via the Google app on your phone). Once an account’s two-factor authentication is set up, a thief would not only have to possess your password but your physical phone to access your account.

Don’t want to enter a six-digit password every time? You can set Google to remember a personal computer but require two-factor authentication on new devices. Or, if you have a security key like this Yubico, you’ll be prompted to plug it into your computer’s USB port or touch it to your phone to complete the two-factor authentication—literally a physical key for your account! And a physical security key is about as safe an option as you can find.

Many sites and apps offer two-factor authentication—Facebook, YouTube, Google, various password managers, and many financial institutions, including Kirtland FCU Online Banking!

Online – You Should Be Here!

If you’re thinking, “Geez, it’s too risky to be online! I’m just going to do banking the old-fashioned way, with checks and branch visits,” you might want to reconsider. Most financial institutions offer some version of online banking options, and if you don’t claim yours and set up your own passwords and security, you leave the path clear for a thief to do it for you. And you won’t have any way of knowing something has gone wrong until you get your next banking statement a month later! Setting up Online Banking and checking your accounts often allow you to:

  • Catch fraud and theft early
  • Limit losses
  • Secure your accounts with your own passwords and options

Technology is changing and improving every day. Make sure to take advantage of the latest options offered by each account and login you set up.

To register for your Online Banking account with Kirtland FCU, give us a call at 1-800-880-5328.

Don't Be a Victim!

You need to know about credit union impersonation scams so you can avoid becoming a victim of these nefarious tactics.

Online and Mobile Banking will be unavailable on Tuesday, July 30 from 4:00–6:00 a.m.