Be Present

You should never leave your computer unattended while using online banking services. Always exit online banking using the logout button and close your browser if you step away from your computer. (Your browser may retain information you entered in the login screen and elsewhere until you exit the browser.) Be vigilant about who is around you.

Public or Shared Computers?

• Avoid using public computers (for example, at libraries and Internet cafes) for secure or confidential transactions.
• Don’t allow caching. Prevent the browser from storing in memory the pages that you view (called “caching”) by checking the box for “enhanced security” located on most secure login screens, especially if you are using a shared computer.
• Disable automatic password-save features in the browsers and software you use to access the internet.

Is the Computer and Site Secure?

• Protect your computer with a firewall, anti-spyware and anti-virus software. Update the anti-virus software frequently (daily if possible). Install new security patches as soon as your operating system and Internet browser manufacturers make them available.
• Find the security certificate. Click on the padlock in the lower right corner of your screen. If the page is truly legitimate, clicking on the padlock will show you the security certificate details for the site. A fraudulent site will not provide such details.
• Look for HTTPS://. Check the address of any pages that ask for personal account information. Does the address begin with “https” or “http”? Legitimate banking websites that ask members to enter account information will have “https” in the address to indicate that the page is secure.
• Clear any tracking cookies for extra security. Easy-to-follow directions can be located online.

Are You Banking Securely?

• Close your browser and restart it before online banking. If you’ve set up your browser correctly, doing this will erase any questionable sites you’ve visited from the browser’s short term memory.
• Make it difficult for others to guess your Personal Access Code (PAC), by using, where possible, a combination of letters and numbers in your password. See below for additional PAC safety tips.
• Ensure you are on the right site. Type in the credit union’s web address yourself. Don’t follow unclear links, especially from suspect emails.

Personal Access Code (PAC)

Only individuals who provide an authentic Personal Access Code (PAC) can access your account information. Your PAC is your key for online access, and is for your use alone. It is your responsibility to ensure that your PAC is protected, and to observe the following security practices:

• Select a PAC that is easy for you to remember but difficult for others to guess.
• Do not use another password or part of your ATM PIN (password).
• Keep your PAC confidential and do not share it with anyone.
• Do not write your PAC down or store it in a file on your computer.
• Never disclose your PAC in a voice or email, and do not disclose it over the phone.
• Ensure no one observes you typing in your PAC.
• Change your PAC on a regular basis. We suggest every 90-120 days.

To learn more about browser security, please visit the Microsoft, Mozilla or Symantec websites. To ensure a safe and secure Internet session, only visit reputable sites.