According to a recent survey for the American Bankers Association, more than two-thirds of Americans use some form of online banking.

With four in ten Americans managing their accounts online, it’s important to stay safe to prevent identity theft. Follow these tips and tricks when banking online to keep your accounts safe.

Use Two-Factor Authentication One of the best ways to protect your accounts is to use two-factor authentication. Two-factor authentication (2FA) means you need a password and a randomly generated PIN to sign in. The PIN is only good for a small window of time, meaning even if your password is leaked, then an attacker can’t log in.

Many of the world’s most popular websites support 2FA. You should always secure your primary email account, even if your bank doesn’t support the technology. Most banks offer some form of 2FA, but if your bank doesn’t, consider asking them to adopt the security standard.

Use Complex, Unique Passwords

One of the primary ways people get their identity stolen is through the re-use of passwords. Hackers breach websites and release password databases all the time. You can check to see if your email address is attached to any known password breaches.

If you reuse a password that has been breached, anyone can sign into your account. You should never reuse passwords online, especially for essential sites like banking. When you set up your information, use a unique username you’ve never used before and a long-string password. If you have trouble remembering passwords, consider using a password manager. Many password managers like 1Password, Dashlane, Enpass, and Myki are available to help you keep track of all of your passwords.

Avoid Clicking Through Emails

Another popular way many hackers gain access to personal financial accounts is through phishing. Phishing is the act of sending an email that looks like it comes from a financial institution or some valid institution, but then it directs you to rogue site intended on stealing the applicable login information. For example, it could be something as simple and random as your SunTrust HELOC login information. You could get an email that masks itself as SunTrust asking you to double check your personal information, or to make a missed loan payment, but in reality the company is from a party attempting to “phish” you. Long before you click on ANY emails you receive, make an attempt to review the senders email address with extra attention to detail. Often times they will switch one letter out for another, or use a similar sounding name in hopes that you will click without noticing the difference.

Access Accounts from A Secure Connection

You should never access your bank account on an open, public Wi-Fi connection. Sometimes hacker’s set-up Wi-Fi connections at coffee shops and hotels that appear to be free public access. Once you’re connected, hackers can packet sniff to snoop on what you’re doing. If you travel and absolutely must use public networks at airports and other areas, consider purchasing a VPN. A virtual private network provider allows you to establish an encrypted connection, so you can access sensitive websites while traveling.

Set Up Account Notifications

Most banks offer text and email notifications for various actions on an account. For example, you can set up a text alert for a withdrawal of over $100, and you’ll get an alert each time it happens. This allows you to instantly know if someone is accessing your account. These alerts aren’t designed to prevent theft, but will immediately help you identify suspicious activity the instant it occurs.