Don’t Get Caught In A Crowdfunding Scam

The days of handouts and begging loans off wealthy relatives are fast becoming extinct. Today, if you need boatloads of money—whether it’s to help you cover an expensive emergency or to fund a new business idea—you only need to appeal to the vast audience of the internet and wait for the money to start rolling in.

Crowdfunding platforms like GoFundMe, Kickstarter and IndieGoGo are packed with eager would-be entrepreneurs and desperately needy individuals alike.

But, they’re also packed with scammers.
For instance, an Iowa woman raised thousands of dollars on GoFundMe for her daughter’s terminal cancer—which would be heartwarming were it not for the fact that her daughter is perfectly healthy.

In a second example, an American company called Triton claimed to have created a device enabling people to breathe underwater. The IndieGoGo page they set up to raise funds for production pulled in $850,000 in just a few days. Sounds inspiring until you realize their supposed invention is more like something out of a sci-fi movie. In reality, Triton fooled many people with an invention that only existed in their imagination.

In yet another incident that garnered national attention, a New Jersey couple teamed up with a homeless veteran from Philadelphia to start a bogus GoFundMe page. The couple claimed the veteran had used his last $20 to buy gas for the wife when she was stranded on Interstate 95. It was the perfect feel-good story, with just enough pathos and emotion to get people to part with their money—to the tune of $400,000, in fact.

Later, when the veteran accused the couple of withholding his money, the case went to court. Proceedings are currently ongoing, but authorities believe the campaign was a scam and that the couple allegedly burned through a whopping $350,000 of donated funds in just a few months.

While some crowdfunding platforms will refund your money if a cause turns out to be a scam, most of them will keep a portion of it for themselves, so don’t plan to get back every penny if you get caught up in a scam. There’s also the possibility of a crowdfunding scam remaining undetected, allowing the scammers to live it up on everyone else’s dimes. Even if your money does land back in your wallet, it’s never a good feeling to know you’ve been conned.

So, don’t let the scammers out there ruin it for everyone else! You should be able to share your money with any cause you believe in. Here are some tips to help ensure you’re chipping in for something genuine.

How to check a campaign for legitimacy
Whether it’s a heartbreaking story or a brilliant business venture you want to support, you’ll first want to research the campaign’s creator. Google their name to see what the internet has to say about them. Also, look up their street address and phone number to verify they’re using their real name, and check whether they’ve started any crowdfunding campaigns in the past.

If you’re looking at a charity campaign, your next step is to take emotion out of the picture. Charity crowdfunding scams succeed by playing with people’s heartstrings. Take the time to study the campaign with pure logic. Does the story really make sense? If you still think it’s legitimate and everything seems to check out, you can choose to donate. Or, you can take your caution one step further by contacting the campaign’s creator and asking for verification of their cause. If they’re genuinely in need, they’ll gladly supply you with names of doctors or references. But if they sound hesitant, or refuse to answer your questions, opt out.

If you’re looking at a crowdfunding campaign for a new business idea, ask yourself if the project is realistic. There are currently several GoFundMe pages set up by individuals with the goal of fighting ISIS. Sounds good until you realize how impossible it is for a single person to achieve such a goal. Lots of inventions or other business ideas also sound incredible until you realize they’re only possible in a fantasy world. Don’t help a business venture get off the ground until you can verify that it’s actually legitimate.

Do your due diligence with crowdfunding campaigns, and you can donate with confidence.

Your Turn:
Do you have a crowdfunding horror story? Tell us all about it in the comments.

SOURCES:
https://www.google.com/amp/s/www.nj.com/news/2019/01/inspired-by-viral-gofundme-fraud-this-nj-bill-would-mean-harsher-punishment-for-scammers.html%3FoutputType%3Damp

https://www.daveramsey.com/blog/how-to-avoid-crowdfunding-scams

https://www.google.com/amp/s/www.nbcnews.com/news/amp/ncna936941

http://www.cracked.com/blog/6-incredibly-obvious-crowdfunding-scams-people-fell-for/

Advertisements

Tax Scams 2019

Each year, the IRS publishes the “Dirty Dozen,” a list of 12 scams that are rampant during that year’s tax season.

This year, the IRS is cautioning taxpayers to be extra vigilant because of a 60% increase in email phishing scams over the past year. This is particularly disheartening, since it comes on the heels of a steady decline in phishing scams over the previous three years.

Typically, an email phishing scam will appear to be from the IRS. Once the victim has opened the email, the scammer will use one of several methods to get at the victim’s personal information, including their financial data, tax details, usernames and passwords. They will then use this information to steal the victim’s identity, empty their accounts or file taxes in the victim’s name and then make off with their refund.

Scammers have several means for fooling victims into handing over their sensitive information. The most popular tax-related phishing scams include the following:

  • Tax transcript scams
    In these scams, victims are conned into opening emails appearing to be from the IRS with important information about their taxes. Unfortunately, these emails are bogus and contain malware.
  • Threatening emails
    Also appearing to be from the IRS, these phony emails will have subject lines like “IRS Important Notice” and will demand immediate payment for unpaid back taxes. When the victim clicks on the embedded link, their device will be infected with malware.
  • Refund rebound
    In this scam, a crook posing as an IRS agent will email a taxpayer and claim the taxpayer was erroneously awarded too large a tax refund. The scammer will demand the immediate return of some of the money via prepaid debit card or wire transfer. Of course, there was no mistake with the victim’s tax refund and any money the victim forwards will be used to line the scammer’s pockets.
  • Phony phone call
    In this highly prevalent scam, a caller spoofs the IRS’s toll-free number and calls a victim, claiming they owe thousands of dollars in back taxes. Those taxes, they are told, must be paid immediately under threat of arrest, deportation or driver’s-license suspension. Obviously, this too is a fraud and the victim is completely innocent.

If you’re targeted
When targeted by any scam, it’s crucial to not engage with the scammer. If your Caller ID announces that the IRS is on the phone, don’t pick up! Even answering the call to tell the scammer to get lost can be enough to mark you as an easy target for future scams. If you accidentally picked up the phone, hang up as quickly as possible.

Similarly, suspicious-looking emails about tax information should not be opened. Mark any bogus tax-related emails that land in your inbox as spam to keep the scammers from trying again.

If you’re targeted by a tax scam, report the incident to help the authorities crack down on these crooks. Forward suspicious tax-related emails to phishing@irs.gov. You can also alert the Federal Trade Commission at FTC.gov.

Protect yourself from tax scams
Stay one step ahead of scammers this tax season by being proactive. Protect yourself with these steps:

File early in the season so scammers have less time to steal your identity, file on your behalf and collect your refund.
Use the strongest security settings for your computer and update them whenever possible.
Use unique and strong passwords for your accounts and credit or debit cards.
Choose two-step authentication when conducting financial transactions online.

Remember, the IRS will never:
Call about taxes owed without having first sent you a bill via snail mail.
Call to demand immediate payment over the phone.
Threaten to have you arrested or deported for failing to pay your taxes.
Require you to use a specific payment method for your taxes.

Ask you to share sensitive information, like a debit card number or checking account number, over the phone.

Be alert and be careful this tax season and those scammers won’t stand a chance!

Your Turn:
Have you ever been targeted by a tax scam? Share your experience with us in the comments.

SOURCES:
https://clark.com/personal-finance-credit/taxes/beware-of-these-common-irs-scams/

https://www.google.com/amp/s/www.forbes.com/sites/kellyphillipserb/2018/12/04/irs-warns-on-surge-of-new-email-phishing-scams/amp/

https://www.businessinsider.com/irs-phone-scam-what-to-do-if-you-get-scam-call-2018-2

All You Need To Know About Facebook’s Latest Bug

Young black woman scrolling through an app on her smartphone in a cafeWith its wide range of features, easy-to-use interface and streamlined access, Facebook is the darling of the social media age. It helps people stay connected with family and friends, allows new relationships to blossom and creates a culture of community for new and established businesses alike.

However, in December, Facebook announced its internal team found a photo API bug in its platform which may have exposed the unshared photos of 6.8 million users. As the latest in a stream of publicized security issues, this breach has the public confused and worried about their privacy.

Read on for all you need to know about the recent Facebook bug.

What happened because of the photo bug?
According to Facebook’s policy, apps linked to Facebook are only allowed to access photos that users give them permission to view, such as those posted on their Facebook timeline. The recent bug, however, may have allowed third-party apps to access loads of other pictures without their user’s knowledge and permission.

An estimated 1,500 apps built by 876 developers were affected by the bug. All of these apps are approved by Facebook, and were authorized by users to access their photos.

The photos breached include those shared on Facebook Stories or Marketplace as well as photos that had been uploaded but weren’t yet posted on Facebook.

The bug was active from Sept. 13 to Sept. 25, 2018. Although, Facebook waited to come clean about the breach in mid-December, 2018.

What steps has Facebook taken to fix the bug?
Facebook fixed the bug as early as Sept. 25 and has openly apologized for the breach. They have promised to let app developers know which of their users have been affected by the bug so they can take steps on their own. Facebook has also claimed to be working on strengthening their platform’s privacy to prevent future photo leaks and security breaches.

When asked why the social media giant did not inform the public about the bug immediately, a Facebook representative told CNN Business, “We have been investigating the issue since it was discovered to try and understand its impact so that we could ensure we are contacting the right developers and people affected by the bug. It then took us some time to build a meaningful way to notify people, and get translations done.”

Despite the statement, the jury remains out on whether Facebook has really taken the responsible course of action after the bug was discovered.

What does the bug mean for impacted Facebook users?
Having your unshared photos posted on public forums can lead to a host of safety issues. Thankfully, no crimes have been linked to the photo leak to date, but crooks can use revealing photos to stage a home robbery or worse. For reasons such as this, it’s always best to use the strongest privacy settings on your social media platforms and to be super-careful about which apps you allow to access your photos.

To be extra careful and keep yourself safe in the event of security breaches like Facebook’s recent photo bug, never post pictures that are too revealing about your personal life and your financial situation.

How can I check if my photos were leaked?
Facebook has issued an official alert to all affected users with clear steps for protecting their photos. The alert directs users to a Help Center Page where they can check if they’ve used any apps affected by the bug and get instructions on how to proceed from there.

Facebook also advises users to log into any apps they use to share photos and check which ones are accessible. If you’re worried about an app’s privacy, log into Facebook’s Manage Your Apps page and contact the app developer directly to inquire about the accessibility of your photos.

Facebook’s latest security breach may have impacted millions of users, but with the proper reactive steps and an eye toward a more secure future, it can help the social media giant and all its users practice stronger security measures and protect their privacy against potential breaches.

Your Turn:
Have you been impacted by Facebook’s latest breach? Share your experience with us in the comments below.

SOURCES:
https://betanews.com/2018/12/16/facebook-photo-api-bug/

https://www.google.com/amp/s/amp.cnn.com/cnn/2018/12/14/tech/facebook-private-photos-exposed-bug/index.html

https://www.geek.com/tech/facebook-photo-bug-how-to-check-if-you-were-impacted-1766300/

https://www.google.com/amp/s/www.cnbc.com/amp/2018/12/14/facebook-bug-exposed-photos-from-up-to-6point8-million-users.html

Credit Card Fraud In Fives

Businessman enters credit card number on a laptopNo one wants to be the victim of credit fraud. Aside from the stolen money you may never recover, victims of fraud can be faced with an enormous hassle. That hassle involves the closing of accounts, putting a fraud alert on your credit and a huge ding on your credit history, which can be difficult to fix.

Whodunnit? When we’re talking about credit card fraud, everyone’s pointing fingers at everyone else.

Consumers tend to blame the credit card issuer, but the vulnerability usually lies with the point-of-sale terminal. Tampering with a credit card reader takes just a few minutes and can be done with an inexpensive device that’s available on Amazon. In addition, there are lots of other ways your information can be skimmed, none of which point to a security deficiency with your credit union or credit card company.

Thankfully, there are steps you can take to prevent and recognize credit card fraud before it happens. Read on for all you need to know about credit card fraud in 5 lists of fives.

5 ways your card can be frauded

  1. It’s physically lifted from your wallet.
    The old-fashioned pickpocket is still a very real threat. Invest in a secure wallet and/or purse and always keep your card inside.
  2. A restaurant or bar server skims it.
    When you hand over your card to a dishonest server at the end of a meal, you give them a few minutes to skim your card while it’s in their possession.
  3. A terminal you use is compromised.
    Payment terminals can be tampered with and rewired to transmit your information to scammers. This is especially common in pay-at-the-pump gas stations.
  4. An online breach puts your information on the black market.
    After a company you use suffers a breach, your personal information may be up for sale on the dark web.
  5. Your computer’s been hacked.

Once a scammer gets inside your computer, they have full access to all of your sensitive data.

5 signs a terminal’s been compromised

  1. The security seal has been voided.
    Many gas stations have joined the war against credit card crimes by placing a security label across the pump. When the pump is safe to use, the label has a red, blue or black background. When it’s been breached, the words “Void Open” will appear in white.
  2. The card reader is too big for the machine.
    The card reader is created to fit perfectly on top of the machine. If it protrudes past it, it’s likely been tampered with.
  3. The pin pad looks newer than the rest of the machine.
    The entire machine should be in a similar condition.
  4. The pin pad looks raised.
    If the pin pad looks abnormally high compared to the rest of the machine, the card reader may have been fitted with a new pin pad that will record your keystrokes.
  5. The credit card reader is not secured in place.
    If parts of the payment terminal are loose, it’s likely been compromised.

5 times you’re at high risk for credit card fraud

  1. You lost your card.
    If you misplaced your card – even if it was eventually returned to you – there’s a chance your information has been skimmed.
  2. You’re visiting an unfamiliar area.
    When patronizing a business in an unfamiliar neighborhood, you don’t know who you can trust.
  3. A company you use has been breached.
    If a business you frequent has been compromised, carefully monitor your credit for suspicious activity.
  4. You shared your information online with an unverifiable contact.
    If you’ve willingly or unwillingly shared sensitive information online and you’re not certain of the contact’s authenticity, you’ve likely been frauded.
  5. You downloaded something from an unrecognizable source.
    Have you accidentally downloaded an attachment from an unknown source? Then your computer has likely been compromised and you’re at risk for credit card fraud.

5 ways to protect yourself against credit card fraud

  1. Check all card readers for signs of tampering before paying.
  2. Never share your credit card information online unless you’re absolutely sure the website you’re using is authentic and the company behind it is trustworthy.
  3. Check your monthly credit card statements for suspicious activity and review your credit reports on a frequent basis.
  4. Use cash when patronizing a business that’s in an unfamiliar area.
  5. Don’t download any attachments from unknown sources.

5 steps to take if your credit card has been frauded

  1. Lock the compromised account.
    Dispute any fraudulent charges on your compromised accounts and ask to have them locked or completely shut down.
  2. Place a fraud alert on your credit reports.

  3. Consider a credit freeze.
    This will make it impossible for the scammer to open a line of credit in your name.
  4. Alert the FTC.
    Visit identitytheft.gov to report the crime.
  5. Open new accounts.
    Begin restoring your credit with new accounts and lines of credit.

At [credit union], we’ve always got your back! Call, click, or stop by today to ask about steps you can take to protect your information from getting hacked.

Your Turn:
Have you ever been a victim of credit card fraud? Share your story with us in the comments.

SOURCES:

https://www.thebalance.com/how-credit-card-skimming-works-960773

https://www.thebalance.com/more-at-risk-of-credit-card-fraud-960780

https://www.makeuseof.com/tag/credit-card-fraud-works-stay-safe/

http://gizmodo.com/home-depot-was-hit-by-the-same-hack-as-target-1631865043

5 Scams To Avoid This Black Friday

Woman at home views tablet showing black friday sale adBlack Friday and Cyber Monday can be great fun – but they can also put you at great risk. Scams abound on the weekend that heralds the holiday shopping season, and you don’t want a phishing scheme or a bogus bargain to turn you into a Grinch.

Here are five scams to look out for as you brave the frenzied crowds while trying to snag the best deals after Thanksgiving.

1. Crazy deals that are actually bogus
The noisy crowds and flashy ads on Black Friday can lead you to make rash decisions and spend more than you planned. But be careful not to leave your senses at home.

An iPhone X retailing at just $12? A pair of genuine Ugg boots for just $9? These deals sound insane because that’s exactly what they are. And yet, thousands of people happily send their money to online stores that are advertising these laughable prices on Black Friday. And of course, once the scammers have your credit card information, they won’t hesitate to use it for their own shopping spree – all on your dime.

Be smarter: Don’t believe any advertised price that is ridiculously low. It’s only bait used by scammers to lure you into their trap. Black Friday deals tend to fall within the 20-30% off range or an offer of free shipping.

2. Black Friday gift cards for cheap
In the weeks leading up to Black Friday, you might see an explosion of cheap gift cards being sold at online marketplaces. The gift cards are linked to big-name retailers and are offered for a fraction of their real value.

These cards are usually stolen from their real owners. The victim of the theft will likely report the loss and the card will be disabled. And you’ll have forked over your hard-earned money for a card that’s not worth the plastic it’s made from.

Be smarter: Don’t buy any gift cards that are retailing at a heavily marked-down price.

3. Bait and switch
Want to be the lucky winner of a brand new iPhone X? Just fill out a form with your personal details and take this survey. You may just be the proud new owner of the super-expensive phone!

If you know anything about online scams, you’ll already recognize this one. Your personal details and a site whose authenticity you can’t verify are two things that should never meet. The sweepstakes is just the scammer’s bait to get at your information. And, with holiday expenses growing each year, it’s the perfect time to lure an innocent victim into thinking they’ve just saved a ton of money.

Don’t make the mistake of thinking you’re safe from this scam just because you’re doing all your Black Friday shopping at the mall. “Bait and switch” scams can happen offline, too.

The brick-and-mortar version of this scam is somewhat less nefarious. Retailers will advertise deals so amazing you’ll find yourself travelling across town and battling impossible traffic to grab these bargains. Once you finally reach the store, though, you’ll be told that those items are all sold out, but you can check out the items they do have in stock. You’ll be shown similar, but inferior, products and cheap knockoffs, or nothing you’re interested in at all. These scams are just a waste of your time and often your money, too.

Be smarter: Don’t enter any sweepstakes or believe advertisements for heavily marked-down prices on sites and stores you’re unfamiliar with.

4. Delivery problems
With so much of your shopping happening online, you probably wouldn’t be surprised to receive an email claiming there’s been a problem with the delivery of one of your purchases. But if you get an email like this asking you to click on a link or download an attachment to arrange an alternative delivery date, you’re looking at a scam. You may also receive a message asking you to pay an extra fee for delivery after you’ve completed an order. Again, this email is bogus and you’re being scammed. Ignore these emails. And, if you have a problem with the delivery of your purchase, contact the seller or company directly.

Be smarter: Never download anything or click on a link from an unverifiable source.

5. Online purchases that can only be paid for with a wire transfer
If you’re planning on going on an all-out spending spree this Black Friday, use your credit card. It offers you the most protection against purchases that don’t turn out to be what you expected.

A debit card can be a good choice, too, if you’re only shopping at stores and retailers you trust and frequent often.

Never agree to an online purchase demanding payment via money order or wire transfer. These are favorites among scammers since they are similar to paying with cash – once the money has changed hands, there’s almost no way you can get it back.

Be smarter: When frequenting unfamiliar stores and sites, use your credit card.

Be an educated shopper this Black Friday and outsmart scammers!

Your Turn:
Have you ever been targeted by a Black Friday scam? Share your experience with us in the comments below.

SOURCES:
https://www.finder.com/black-friday-scams

https://www.makeuseof.com/tag/6-scams-watch-black-friday-cyber-monday/

Apple Pay, Samsung Pay And Tokenization: How To Stay Safe With The Wallet Of The Future

ApplePay and Samsung Pay logosLeft your wallet at home? No worries; you can still pay for those purchases! Just use your phone.

Apple Pay, Samsung Pay and other mobile wallets are revolutionizing the checkout experience by blending two developments in payment infrastructure to save you time: near-field communication (NFC) and token encryption.

Approximately one-third of all payment terminals nationwide have been updated to accept Apple Pay. However, it only works on phones equipped with the necessary NFC equipment. If you already have an iPhone 6 or a newer iPhone, though, all you need is the preinstalled Passport app. There are simple, on-screen instructions for adding a debit or credit card. You can even add your Advantage One card!

Samsung Pay is structured similarly, but only works on select Samsung Android devices. However, Samsung has incorporated magnetic secure transmission (MST) technology as well. Hold a phone against a payment terminal and it will emit a signal that simulates the magnetic strip on a debit or credit card.

In terms of convenience, this means you can use Samsung Pay on almost any payment terminal in the country. The only situation where Samsung Pay won’t work is when you need to insert your card into a slot, such as at a gas station. Otherwise, though, you’re free to use this payment method even if the merchant hasn’t updated their equipment.

Both payment methods use a process called “tokenization” for maximum security. In the simplest terms, tokenization is the use of a non-secure piece of data to stand in for a secure one. It’s like arcade tokens. The secure data is the quarter, which you exchange at a machine for a token. That token then tells the arcade machines you have a quarter (or credit) to play. The game machine never sees the actual quarter, but accepts the token that stands in its place.

Apple Pay and Samsung Pay work the same way. When you make a payment with one of these services, the app creates a token – a random series of numbers – that corresponds to your account, along with a one-time security key. It transmits that data to the payment terminal, which sends that token to the “token vault,” a secure database that links these tokens to the actual accounts. If the security key is correct, the token vault will transmit a charge directly to the linked cards and return a verification of funds to the payment terminal. Since the token vault is hosted at the payment processor, the point-of-sale terminal never sees your card information.

This is different from a swiped or keyed transaction. Ordinarily, the terminal reads your credit or debit card information directly and transmits it to the payment processor, which then sends it to your financial institution. This means your card’s information is stored in three different places, any of which could be the site of a data breach.

With tokenization, your information is seen only by the payment processor and your financial institution. That’s fewer points of failure along the information chain and there is less vulnerability for your sensitive data.

This also means that Apple and Samsung have no idea what purchases you’re making. For fans of internet privacy, this is heartening news.

There are other layers of security involved in these services. To use Apple Pay, you’ll need to use TouchID, FaceID or input your PIN. For Samsung Pay, you’ll have to authenticate your fingerprint, input a PIN or confirm an iris scan. If your phone gets swiped, a thief will have a hard time using it to go on a shopping spree. In contrast, if a criminal grabs your actual wallet, they can do enormous amounts of damage to your finances and credit score before you even realize it’s gone.

Whether you’re a die-hard Apple fan or a staunch Samsung supporter, mobile wallets are an efficient, secure way to pay. Download the app, link your [credit union] card, and start leaving your wallet at home!

Your Turn:
Are you an Apple Pay fan, or do you use Samsung Pay? Brag about your brand loyalty and the reasons that drive it in the comments!

SOURCES:
http://www.theverge.com/2016/12/6/13864376/35-percent-apple-pay-us-merchants

https://en.wikipedia.org/wiki/Tokenization_(data_security)

http://appleinsider.com/articles/14/10/20/how-apple-designed-apple-pay-to-avoid-the-pitfalls-of-traditional-payment-systems

http://www.forbes.com/sites/forbestechcouncil/2016/12/22/the-promise-and-challenges-of-biometrics/#21c6fc044202

https://www.idropnews.com/iphone-7-vs-google-pixel/iphone-7-vs-google-pixel-apple-pay-android-pay-comparison/28596/

https://www.sans.org/reading-room/whitepapers/casestudies/case-study-home-depot-data-breach-36367

https://www.cnet.com/news/apple-pay-vs-samsung-pay-vs-google-pay-which-mobile-payment-system-is-best-chase-pay/

How To Create And Keep Strong Passwords

Woman holding tablet in lap browsing a website.Your passwords are the keys to your life. And when it feels like there’s another big security breach every week, you want to be sure those passwords are strong and safe.

Follow the 6 steps below for super-strong passwords that will keep scammers guessing.

Step #1: Choose a password manager
The best way to ensure your passwords are secure is to use a password manager like 1password, Lastpass or Keepass. These services generate encrypted passwords for every website you use. You will then create one master password to use for logging into all of your accounts.

Step #2: Create an unbreakable master password
This code can open up every password of yours to potential scammers; so be extra careful about choosing one that is virtually unbreakable. Follow these rules for a strong password:

  • Make it long. Many sites require a password that is a minimum of 8 characters long, but a 12-character password is even stronger.
  • Be creative. Avoid using names, places and recognizable words, since these are easily cracked.
  • Mix it up. Vary your capitalization and the kinds of characters you use, switching back and forth from letters to numbers to symbols.

You can run your password through an online password checker like the one on OnlineDomainTools.com to test its strength. Once you’ve created a super-strong master password, work on memorizing it. Write it down and then rip up the paper as soon as you’ve memorized it.

Step #3: Update all your passwords
Next, sync all the websites and accounts you use with your password manager. Follow the guidelines on your password manager for this step, as they differ with each service.

When you’re through, you’ll only be able to log into these sites with your master password.

Some sites employ outdated systems that won’t work with a password manager. For these sites, you will need to use different passwords. You can slightly amend your master password for these sites or create new ones using the guidelines above. Use a different password for every site.

Step #4: Use two-factor authentication
Add another layer of protection by choosing two-factor authentication whenever you have that option.

Step #5: Be careful with security questions
Security questions are extremely insecure; anyone can Google the answers. If all a scammer has to do to retrieve your password is answer a security question, the strongest password is worthless.

Treat security questions like passwords. Never answer them truthfully. Instead, make up mnemonics or nonsensical answers that are difficult to crack, but easy for you to remember.

Step #6: Don’t let your browser or phone “remember” your passwords
Keep your passwords in your head and not on your devices. Otherwise, you’ll be in deep trouble if your computer or phone is swiped.

Your Turn:
What’s your best tip for creating a super-strong password? Share it with us in the comments.

SOURCES:
https://www.google.com/amp/s/lifehacker.com/how-to-create-a-strong-password-1797681069/am

https://lifehacker.com/four-methods-to-create-a-secure-password-youll-actually-1601854240

https://www.pcmag.com/article2/0,2817,2407168,00.asp