Security Best Practices

Stronger Passwords, Safer Accounts

Your password is the first line of defense in securing your online accounts. Weak or reused passwords make it easier for attackers to compromise your personal and financial information. By following key best practices, you can greatly reduce the risk of unauthorized access.

Password Best Practices

A good password is one that is easy to remember but difficult to guess. The longer your password is, the harder it will be for someone (or more likely, some program) to crack it. Passphrases, that uses a combination of words, are examples of a long password that can be easy to remember. A passphrase should be at least 4 words and 15 characters in length. Shorter passwords should include lowercase and uppercase letters, as well as numbers and special characters.

Here are some additional tips to consider when making your password:

• Don’t use easily guessed passwords, passphrases, or PINs, such as “password”, “let me in”, or “1234”, even if they include character substitutions like “p@ssword”
  
• Don't use names of family, friends or pets.
  
• Don't use phone numbers, social insurance numbers or birthdates.
  
• Don’t re-use passwords. Create a new password for your alc.ca account.
  
• Do use a password manager to help you keep track of your passwords.
  
• Do update your passwords on a regular basis.
  
• Do enable multi-factor authentication (MFA)

Why Multi-Factor Authentication Matters

MFA adds an extra layer of security on top of your password. Even if someone manages to get your password, MFA ensures that they cannot access your account without a second verification step—such as a code sent to your phone or email. It's one of the most effective ways to protect your sensitive accounts and should be enabled wherever possible.

Keeping your Data Safe

These simple steps below can go a long way to helping you protect your data:

• Use multi-factor authentication (MFA) to protect your login credentials from falling into the wrong hands. MFA makes accounts more secure by requiring at least two forms of authentication to log in.
  
• Use a strong, unique password when logging into your account.
  
• Keep your computer, software and web browsers updated with the latest patches.
  
• Install up-to-date anti-virus software on your computer to help guard against computer viruses.
  
• Be cautious with links in an email. If you receive an email advising you to click a link to update your personal information, DON’T CLICK IT!
  
• Please note that ALC will never initiate an email asking you to supply personal information. If you do receive such email and were not expecting communications from AL, please contact us to verify the request.

Protect yourself from credential stuffing

Credential stuffing happens when criminals use stolen usernames and passwords from one site to try and get into accounts on other sites. If you’ve used the same password for different sites, your account could be at risk. Multi-factor authentication should be used whenever possible.

Beware of Phishing and email fraud attempts

Many email users are being sent authentic-looking messages from reputable companies that instruct them to provide valuable personal data. It's called phishing. Recipients who respond to such emails are exposed to identity theft.

These emails often ask recipients to update or confirm personal information such as date of birth, SIN number, phone numbers, credit card numbers, passwords, account data and other information. The email content will likely use valid senders email addresses, logos, and links to credible businesses in the message and will instruct the recipient to click on a link that sends them to a fake website where they are asked to provide this personal information. These emails and sites may even claim that your personal information is compromised and your response time is urgent.

If you have any concerns, please contact the legitimate company and verify the authenticity of the request.

If you receive what you think may be a phishing email from Atlantic Lottery or alc.ca, please contact us at info@alc.ca or 1-877-252-3287.