How We Protect Your Passwords
Recently, we shared some tips on keeping your passwords secure. To follow that up, we’re outlining the steps we take to keep your confidential data secure. While we can’t go into too much detail for security reasons, this should provide a helpful overview.
What We’re Doing Now
1. Using Hashed Passwords
Hashing a password involves turning that password into a rearranged version of itself. From there, the password is combined with a key familiar to the site using a set algorithm. The hashed password and value are then compared to the password that’s recorded on record at each login. Put simply, it’s a reliable and effective way to ensure that passwords remain secure.
2. Password Requirements
One of the best ways we can ensure your NoticeConnect password stays secure is by helping you create a strong one. We do this in a number of ways when you’re setting up your password.
First, we make sure that your password is strong. This makes it harder for malicious actors to guess or generate using software. Second, we require that your password is not similar to your user name, an unfortunately common practice that leaves information vulnerable. Third, we check your password against a list of commonly used passwords to prevent it from being guessed.
3. Multi-Factor Authentication
Multi-factor authentication occurs when a computer user must provide two or more pieces of evidence in order to be granted access. If you’ve set up an account online and had a code sent to your cell phone to type back in, you’ve used multi-factor authentication.
While it may seem common, that’s because it works very well. It’s purpose is largely to prevent the loss of one secure item such as a password or computer causing a vulnerability. For example, if someone found your password and was attempting to log in as you, they would also need access to the phone or device you have connected to that account. Using multi-factor authentication allows us to help keep your information secure from multiple scenarios like this.
How We’re Adding More Protection
1. Validating Passwords Against Breaches
Over the past few years, there have been data breaches across all sorts of different industries and organizations. As a result, those passwords that have been accessed can lead to vulnerable accounts. Soon, when you set a password in NoticeConnect, we’ll validate that it’s not on the lists of compromised passwords from data breaches. This will ensure your password is sound from the very start.
2. Changed Password Alerts
Malicious actors will often try to change the password of an account they’ve accessed without the account owner knowing. This gives them more power and can lock the owner out. We’re working on adding an alert that will notify you anytime your password is changed. That way, if you see the alert but didn’t change the password yourself, you’ll know immediately and swift action can be taken.
3. Password Strength Meter
In addition to our existing password creation security measures, we’ll also be adding a password strength meter. The meter will adjust as a password is entered and show how strong or weak the selected password is. This allows you to easily understand how strong your password is, and helps to provide peace of mind knowing you’ve taken steps to keep your account secure.
4. Magic Links
We’re working on integrating magic links, a technology that allows access to be granted from secure emails, rather than passwords. They’re fast, easy, and secure, and will provide NoticeConnect users with a more seamless experience.
All in all, we’re doing everything we can to keep your passwords secure. And, we’re actively working to add more new protections without inconveniencing you. You trust NoticeConnect with sensitive information, and it’s our duty to ensure it remains safe.
Questions?
If you have questions about this or anything else in regards to NoticeConnect, you can email us anytime at [email protected] or give us a call at 1-866-577-8509.