Keeping your account information safe
The security of your personal information is very important to us. We have a range of precautions in place to help keep you protected.
- We will never ask for your username or password
- If your profile is inactive for more than 10 minutes you will automatically be logged out
We also encourage you to consider the following to help ensure the safety of your Forsyth Barr web account.
- Keep your password safe. Do not share your password with anyone, ever. Do not write it down or save your password details on a shared or public computer. Don't use the same password across all systems you log in to
- Set a strong password or passphrase. Industry experts suggest passwords should be more than 12 characters long and include a mixture of upper and lowercase letters and at least one non-letter character. A passphrase is even stronger than a password (a passphrase is a longer sequence of words or characters that is memorable to you, but because it is much longer is more secure than a traditional password)
- Use a Password Manager. A Password Manager enables you to store and protect all your passwords in an encrypted form so no one else can access them
- Change your password regularly. Again, it is recommended that you change your password at least every 30 days. Don't choose a password that is easily guessed by someone with personal knowledge of you (for example, one that contains your date of birth, phone number or any part of your name)
- Use Multi-Factor Authentication. This is a multi-step account login process that requires users to enter more information than just a password. A request to login is validated by a second contact with the account holder for an additional layer of security. You can enable multi-factor authentication on your Forsyth Barr account by visiting the Security section within your profile settings
- Install anti-virus software. Keep your computer and devices up to date and run regular checks
- Keep your computer and web browser up to date
- Log out when you are finished using your Forsyth Barr account. Take extra care to do this if you are using a shared or public computer
- Be aware of phishing emails or spam phone calls. Please see below for more about phishing
What is phishing?
Phishing is when scammers pretend to be trusted brands to trick people into giving out their personal information. Two of the more common phishing tactics are sending authentic-looking emails or impersonating companies via phone calls. With phishing emails, they often create a sense of urgency and prompt you to click a website link, which may ask you to enter sensitive information or download a virus to your computer.
Think you have received a phishing email?
If you are in any doubt about the authenticity of a communication you have received from Forsyth Barr, please contact your Adviser.
If you are suspicious of an email:
- don’t open any attachments or click any links within it
- check the email address it was sent from, as phishing emails often impersonate the display name
- check where the links lead by hovering your mouse over them (if viewing on desktop). If the URL shown when you hover over the link looks suspicious then treat the email as a phishing email
- don’t reply to the email
- forward us a copy of the email then delete it
If you think you have given out your personal details or have any concerns about your Forsyth Barr account, we suggest changing your password and contacting us immediately.