Account Security

Our website is protected using Secure Socket Layer (SSL) encryption. These security measures are in place to keep the website secure. Make sure that the (insert picture of lock) appears on the left-hand corner or if the URL begins with “https” (HyperText Transfer Protocol Secure) protects the integrity and confidentiality of the data transmitted between your device and the websites you use.

Clean Energy Credit Union will never ask you for personal information including any account information or social security numbers via an insecure email. We will also never initiate a call asking you to provide any personal information. Click here to review our privacy policy.

Our online banking validation offers the highest level of extended validation certificates, Secure Site Pro with Extended Validation SSL Certificates by VeriSign. These certificates provide a 128-bit encrypted connection between the user’s browser and the web services. All information in transit between the client and server, including cookies, is transmitted encrypted. Extended Validation (EV) Certificates provide visual indicators, including a green address bar and padlock at the header of the browser provides assurance to users that they are at the correct website.

All data exchanged between Mobile Web Banking and Mobile Banking Apps with Digital Insight servers are protected in transit using Transport Layer Security (TLS). All offerings provide strong password requirements and aggressive idle timeouts. In Mobile Web Banking, no customer information is stored or cached on the device. Mobile Banking Apps use the device’s secure storage to host sensitive data.

Mobile Banking Apps use out-of-bank multifactor authentication to validate users at login.

A password represents a shared secret between the end user and the system they are authenticating. The system cannot differentiate the real user from another user who also knows the password. For this reason, it is essential that users keep their password private.

A well-chosen password has two important characteristics; it should be easy to remember, and hard to guess – a password that has to be written down is not strong, no matter how many principles of a good password are applied. Users should be advised not to write down the password anywhere. This is an example of a more secure password: Mpis4y2!

• At least 8 characters in length
• At least one numeric digit
• Use of upper and lower case
• Use of special characters
• Not a word in the dictionary
• Not easily guessed
• Can be easily remembered as an acronym: My password is secure 4 you 2! Adding another character increases the time required to crack the password almost 100 times.
  • This is an example of a less secure password: Password1
• Is based on a word in the dictionary, Password1 is among the top 630 most used passwords and can be cracked instantly using a dictionary attack.