Include changing passwords as part of your spring cleaning

Woman working on a laptop

Protecting your account is now more important than ever. Criminals are using a method called “credential stuffing” to try and access accounts at financial institutions. Credential stuffing is a type of cyberattack where criminals get usernames and passwords from data breaches and then use them to try and break into your other accounts. TwinStar and other financial institutions have seen an increase in this type of attack recently.

While no breaches have happened at TwinStar, attackers may try to use data from other breaches to gain access to your online banking. If you have used the same username or password for your TwinStar account and for accounts that may have been compromised elsewhere, you are at a higher risk.


So how do you protect yourself? Follow these key tips:


  • Log in to your account and change your login ID (username) AND password. Use a unique username for your login ID.
  • Consider using pass phrases instead of traditional passwords. Remember, the longer the better! TwinStar will accept passwords up to 20 characters long.
  • Enable two-factor authentication (2FA) or multi-factor authentication (MFA) for all your accounts where possible. TwinStar uses a type of multi-factor authentication called a secure access code (SAC). Secure access codes are required for any unknown browser or device.
  • Don’t write your passwords down. Use a password manager (there are free ones!)


If you suspect fraudulent activity on your account, contact us during support hours at 800.258.3115 and consider changing your login ID and password.