Welcome to Windsor Federal Savings!

	250 Broad Street Windsor, Connecticut 06095 860.688.8511



>	Online Banking for Consumers

>	Online Banking for Businesses

>	eStatements

>	Demo - Online Banking

>	Enroll in Online Banking

>	Online Banking Security - Multi-Factor Authentication Solution

>	Online Banking Security - Anti-Phishing Solution from Comodo

>	Frequently Asked Questions (FAQs)

>	Online Best Practices

>	Contact Us

>	Privacy Policy

>	Home

Online Banking Security – Multi-Factor Authentication Solution

Windsor Federal Savings, in accordance with federal banking requirements, is adding an additional layer of security to WinOnLine, the online banking and bill payment system. In addition to the Sign-On ID and password, this multi-layered, high level security program is designed to provide enhanced online banking security to further protect your personal account information when banking online.

Currently, when you sign on to WinOnLine, you are identified by your Sign-On ID and you authenticate who you are with your password (this would be considered Single-Factor Authentication). In Multi-Factor Authentication, you provide a second authenticating factor. Some web sites issue physical tokens, some use challenge phrases, some use random number generators and each method has its pros and cons. Windsor Federal Savings has carefully weighed its options and has decided to use a digital certificate based or challenge phrase method for the second form of authentication. The benefits of this option are:

No physical devices such as tokens to carry.
You create your own challenge phrases; we do not force you to answer questions specified by us but rather enable you to create your own security questions and answers.
SSL Certificates use 128 bit encryption technology to not only verify who you are, but also to verify your computer.
You can install a certificate on more than one computer if necessary.

Why is this additional layer of online security necessary?

Federal regulators are mandating that financial institutions implement a second layer of security for online banking in order to protect your accounts from computer hackers and identity thieves.

What is a digital certificate?

Digital certificates are security tokens that provide an additional means of proving your identity in electronic transactions, much like a driver’s license does in face-to-face interactions. Digital certificates protect the integrity of the data and provide a behind-the-scenes transparent Sign-On method that won’t inconvenience you.

How will this security feature be implemented?

After we turn on the Multi-Factor Authentication solution, upon your first Sign-On, you will be automatically guided through the registration process. This simple process will only take a few minutes and will only need to be completed one time. The process begins with the creation of three (3) security questions with unique responses containing a minimum of five (5) characters. When creating the responses to your security questions, we recommend that you make the response a single word to avoid spacing/typo errors that may cause sign on issues.

You will also be asked to download a digital certificate that will uniquely identify your computer and prevent you from having to answer a security question with each Sign-On. Registering your computer with a certificate tells us that it is you, not a hacker from an unknown computer attempting to access your account. This process will not cause your user name or password to be changed and we will not contact you by phone or email to obtain additional security information.

Do not install certificates on a public computer (library, Internet café, etc….). If you need to sign on from a public computer, you will be allowed access by answering one of your security questions.

What do I do on or after Monday, June 23^rd, if I do not have the time to complete the registration process but I need access to my accounts through WinOnLine?

The registration process associated with the Multi-Factor Authentication solution is voluntary through Sunday, August 10, 2008 but thereafter authentication will be required in order to access your accounts through WinOnLine. From June 23^rd through August 10^th, the registration process can be bypassed by signing on to WinOnLine with your Sign-On ID and password and then once the registration page appears, scroll to the bottom of the page and click on “Continue without it” to access your accounts through WinOnLine. We highly recommend that you register at your earliest possible convenience and not delay until the mandatory date when any unanticipated problems with the registration process could become a significant inconvenience to you.

When is it appropriate to download a digital certificate?

You can download a digital certificate on up to four (4) computers that you normally use to access your accounts. If you need to download a digital certificate to a different computer other than the one you initially registered, you will need to respond to the security questions again so we can verify your identity, then you can download a digital certificate to that computer and access your accounts. However, you should not download a digital certificate to a public or infrequently used computer.

What is a public computer?

A computer that is accessible to the general public is considered to be a public computer. Examples are computers in libraries, school computer labs, hotels, airports and cafes. Please DO NOT install certificates on these types of computers. If you need to Sign-On to a public computer, you will be allowed access by answering your security questions. However, you should never download a digital certificate to a public computer.

Do I need to select the digital certificate each time that I Sign-On to WinOnLine?

Not necessarily. If you have multiple digital certificates on the same computer, then you must select the appropriate digital certificate which can be determined by the appearance of the last two (2) characters in your Sign-On ID. However, if you have only one (1) digital certificate on your computer, you may suppress the pop-up screen with the digital certificate from your desktop.

On Internet Explorer select “Tools” > “Internet Options” > “Security” > “Custom Level” and then scroll down to “Don’t prompt for client certificate selection when no certificates or only one certificate exists” and click “Enable”.

Please note that changes to browser settings can affect the functionality of your browser and therefore all such changes should be done at your own discretion.

If necessary, can I delete a digital certificate from my computer?

Yes. On Internet Explorer select “Tools” > “Internet Options” > “Content” > “Certificates” and then highlight the certificate that you would like to remove and click “Remove”.

When will you ask me a security question?

We will ask you a security question when you sign on from an unregistered computer (such as a public or infrequently used computer) or when you sign on from a computer that you have not yet registered.

What do I do if I am Signing-On and I have forgotten the correct answer to the security question?

When you complete the registration process for the Multi-Factor Authentication solution, you are asked to provide up to two e-mail addresses to which a one-time reset code will be sent enabling you to reset your security questions and answers. If you forget the answer to the security question that is presented, you will see on the same screen below the security question, a button labeled “Send a one-time password”. Click on this button and then select the e-mail address where you want us to send the reset code, then click “Continue”. Click “Continue” again and you will be returned to the security question screen. In a few minutes, the e-mail will arrive from Customer Support / Windsor Federal Savings with your one-time reset code. Below the security question, is a button labeled “Enter one-time password”. Click on this button and then enter your one-time reset code. This reset code will enable you to pass through the authentication process one-time and/or reset your security questions and answers.

What is the difference between the secret question/phrase under “Options” in WinOnLine and the security questions in this security solution?

The secret question/phrase under “Options” in WinOnLine is used to authenticate you when you have clicked “Forgot Password” located in the WinOnLine Sign-On box and are requesting that your WinOnLine password be e-mailed to you. However, the security questions in this Multi-Factor Authentication solution are used to authenticate you when you have already signed on with your Sign-On ID and password but a digital certificate is not present on the computer that you are using to access WinOnLine. In essence, the secret question/phrase is associated with the first layer of security (User Name and password) and the security questions are associated with the enhanced security solution.