March Tips

March is National Credit Education Month!

Understanding how credit scores and reports work is an important step in your financial journey. Building positive credit and avoiding hits when possible can help you achieve your goals such as buying a home, leasing a car, or paying off debt.

Our short 5-minute lessons include information about:

The types of institutions and companies that may use your credit score
The importance of credit, how to monitor credit, and how to improve and maintain your existing credit

Develop healthier credit habits in under 10 minutes with the First Nebraska Bank financial education center.

Get Started

Safety Tip

Reusing passwords is (always) a very bad idea!

Since high profile breaches involving user credentials (usernames and passwords) continue to occur, we thought we’d revisit what the bad actors do with this information, provide ways you can help protect yourself, and point you to a tool that alerts if your email address has been included in a breach.

Typically, stolen credentials will be sold on various dark web sites.  A purchaser of these credentials will often use them to try and log into various high value target websites, such as online retailers, digital video game storefronts, and financial services websites.  Their hope is that people who had their account information stolen from one service provider will also use the same password for other services.  The passwords are also separated to create a wordlist to use for password cracking, and email addresses will frequently be sold to use in spam email campaigns.

Recommendations

First and foremost, do not use the same set of credentials for multiple sites and services.  Create a unique and complex password for all sites, and use a password manager such as KeePass, LastPass, or 1Password to keep track of your passwords.  A passphrase (with spaces between words if allowed) is better than a single word password, and multi-factor authentication should always be used when available.

For your information, Have I Been Pwned? (https://haveibeenpwned.com/) is a free industry and government trusted resource for “anyone to quickly assess if they may have been put at risk due to an online account of theirs having been compromised or ‘pwned’ in a data breach.”  You can check individual email addresses, as well as set up an alert to notify you anytime your email address is included in a breach.  Admins, you can also set up an alert to notify if any email from your domain is found in a breach.

Finally, when you find out a service provider you use has been breached, change your password immediately, even if you are unsure if your account was impacted or not.

Safety tip compliments of 10dsecurity.com