Hawthorne will institute multifactor authentication to ensure members are provided with enhanced security when signing onto our online services, later this year. Authentication is the process of verifying a member's identity when accessing our online services. Currently we use a username and password or single-factor authentication. Multifactor authentication requires a username, password and some other type of "key" to complete the sign-in process. Following is a list of the most frequently asked questions regarding multifactor authentication.
Why is Hawthorne making these changes?
The security enhancements will offer you added safety by helping ensure that only you can access your credit union account.
Back to Top
What is this new security feature?
You have always authenticated yourself to Online Access when you log in with your User ID and password. Soon, we'll also authenticate ourselves to you. You will know with certainty that you are visiting Hawthorne's Online Access site because you will be presented with your picture and text phrase every time you logon.
Back to Top
Why is Hawthorne introducing this feature?
Hawthorne has never been successfully hacked, and no members have been phished. But, phishing is the fastest growing crime in the country. To ensure we proactively keep our members safe and secure, we will be implementing this new security feature.
Back to Top
Where is the text box for my password?
You will enter your Hawthorne Credit Union's Online Banking password on a subsequent page. Please enter your account number, click "Login," and you will quickly go to the next screen.
If this is your first time logging on since we added this feature, you will be asked to select a "challenge question" and provide us with a short answer. This question will only be asked of you if you access Hawthorne Credit Union's Online Banking from a different computer (or if you delete your browser's cookies).
Back to Top
Has my Online Banking password changed?
No. The answer you provide to the "challenge question" is separate from your regular Hawthorne Online Banking login password.
Back to Top
How does Multifactor Authentication work?
You and the Hawthorne share a unique picture and a text phrase (called PassMark) that no one else knows. In addition, we take a footprint of your computer. When you login, look for the picture to verify that it is really us. If we recognize your computer, we will show you the picture, and you can enter your password to get in. If you don't see the picture, double check to make sure it's really us (by manually entering Hawthorne's URL into your browser to go to our web site). If we don't recognize your computer, we will double check it is really you. We will ask you a question to which only you would know the answer before showing you the picture and asking for your password.
Back to Top
Why do I need a picture and text image to logon "PassMark?
Fraudsters attempt to trick people into giving up their personal information, such as passwords and account numbers, by creating fake web sites that look a lot like the real web site. This is called phishing. Your PassMark image and text phrase are a simple countermeasure to these attacks, as well as protection against other forms of identity fraud.
Back to Top
Will this new process be easy for me?
Above all, PassMarks are simple. Increased security is achieved without much change in your experience. Just use the site as usual and look for your PassMark at login. Occasionally you might be asked to re-validate who you are or to register a new computer.
Back to Top
How do I change my PassMark?
The PassMark feature allows you to change your image or phrase at anytime and as often as you like. Your new image and phrase are then presented to you each time you log in.
Back to Top
How will the site be more secure?
The security upgrade will protect you from accidentally revealing your user ID and password to a fake site. In addition, if someone does somehow get your user ID and password, he will still not be able to access your account because he is not at your registered computer.
Back to Top
What happens if my password is stolen? How will you keep someone from
accessing my account?
When someone tries to login using your stolen user ID and password, we will recognize that they are logging in from a different computer, and we will ask them a secret question. Since only you know the answers to your secret questions, they will not be able to give a correct answer. They will not be able to login.
Back to Top
Can I opt out of registering challenge response questions?
No. Everyone who has activated Online Banking access on their account will be required to register challenge response questions. Ensuring the security of your online banking experience is a top priority at Hawthorne, and we understand the need for each member to feel comfortable and secure when using Online Banking. Everyday, as consumers, we are faced with new security threats which range from e-mail scams and Phishing attempts, to spyware and other attempts to gain access to our personal information. We understand this changing environment and we continue to be proactive in identifying ways to help ensure the continued security of your Online Banking experience.
Back to Top
How do I find out more?
If you have any questions regarding our extensive Multifactor Authentication please email memberservices@ehawthorne.org or call 630-369-4070 800-848-1697 (outside IL). If you would like more information about protecting yourself from identity theft, click here. Also, keeping us up to date with your current address and phone number is important so that we can reach you if we suspect any fraudulent or unauthorized activity.
Back to Top
