Rest Confident, Your Money is Safe and Secure at Kirtland Credit Union, a message from our President & CEO. Learn More
We have engaged FORVIS, LLP (Attn: Jeff Rosno, 1801 California Street , Ste. 2900, Denver, CO 80202) to perform member verifications. Kindly compare the balance of your accounts on your December 2022 statement WITH YOUR RECORDS. If balances do not agree, please address your discrepancies directly to FORVIS, LLP. Include your name, truncated account number, and an explanation of the difference noted. A reply is not considered necessary unless a difference is noted.
Kirtland CU branches and the Member Contact Center will be closed on Monday, February 19 in observance of Presidents’ Day.
Kirtland Credit Union will never ask you to provide, update, or verify personal or account information through an unsolicited email, phone call, or text message. If you receive an unsolicited email, phone call, or text message, DO NOT RESPOND. Notify us at (505) 254-4369 or 1-800-880-5328.
Online and Mobile Banking are intermittently unavailable. We are working to resolve the issue and apologize for any inconvenience.
If you may experience financial hardship related to the government shutdown, we’re here to help. Call 1.800.880.5328 or visit one of our branch locations for more information.
By Ashleigh, K-Staff
As cybercrime and identity theft continues its relentless increase in both prevalence and sophistication, are you taking advantage of all the ways you can increase security for your own accounts?
Passphrases > Passwords
‘Password’ is a terrible password. So is 123456 (alarmingly, the most common password in the nation). Why? Because these passwords are simple and easily guessed. And while an overly simple password is easy to remember, choosing one is the equivalent of installing a lock made of cotton balls on your front door—not what you want protecting your identity and your money. The problem is that long and complex passwords are not only difficult to guess (which is good) but difficult to remember (bad for the user).
The National Institute of Standards and Technology has recently revised its recommendation of using complex passwords in favor of using a passphrase—a sequence of words and other text. Passphrases are naturally much longer than passwords, making them more secure (usually). Longer passphrases result in more “randomness” generally, making it hard for computers to figure it out—shoot for 4-5 random words (not ones that form a sentence or borrow from quotes or sayings).
The difference between passwords and passphrases is eloquently illustrated by science comic blogger Randall Munroe (XKCD):
If you have the option to use a passphrase (no requirements for special characters and no limit on length) do so! You will likely find that many of your apps and websites have yet to implement this change in recommendation with their own password requirements, so if you cannot choose a passphrase, make the password as random and as long as possible and avoid these common pitfalls:
If you have access to a password protected computer, you can use a password manager like Dashlane or LastPass to generate and remember tough passwords for your logins. Some browsers will also generate and remember your passwords if you ask it to, but be careful about using this functionality if anyone else has access to your computer. And DON’T use this option if you’re on a public computer or connected to unsecured Wi-Fi. In fact, don’t log into any program while connected to an unsecured Wi-Fi. It’s scary easy to steal information over an unsecured Wi-Fi connection.
Have you set up two-factor authentication yet? Many programs now offer this secure method of login, and you should be taking advantage of it. Google, for example, offers two-factor authentication: when you type in your Google password to log into Gmail or another of Google’s apps, you’ll also be asked for a second entry of a six-digit code that is texted to your phone (or sent to you via the Google app on your phone). Once an account’s two-factor authentication is set up, a thief would not only have to possess your password but your physical phone to access your account.
Don’t want to enter a six-digit password every time? You can set Google to remember a personal computer but require two-factor authentication on new devices. Or, if you have a security key like this Yubico, you’ll be prompted to plug it into your computer’s USB port or touch it to your phone to complete the two-factor authentication—literally a physical key for your account! And a physical security key is about as safe an option as you can find.
Many sites and apps offer two-factor authentication—Facebook, YouTube, Google, various password managers, and many financial institutions, including Kirtland FCU Online Banking!
If you’re thinking, “Geez, it’s too risky to be online! I’m just going to do banking the old-fashioned way, with checks and branch visits,” you might want to reconsider. Most financial institutions offer some version of online banking options, and if you don’t claim yours and set up your own passwords and security, you leave the path clear for a thief to do it for you. And you won’t have any way of knowing something has gone wrong until you get your next banking statement a month later! Setting up Online Banking and checking your accounts often allow you to:
Technology is changing and improving every day. Make sure to take advantage of the latest options offered by each account and login you set up.
To register for your Online Banking account with Kirtland FCU, give us a call at 1-800-880-5328.