Find out what makes a good password.
Fraud & Identity Theft Protection
The POODLE Vulnerability · Oct 20, 2014
This term is being used for a vulnerability in SSL version 3. SSL provides for the encryption of communications on secure websites, identified by HTTPS in the website's address.
Many vendors, including those supporting Langley Online Banking, are disabling SSLv3, relying on more recent standards. As a result, members using Internet Explorer version 6 or earlier will need to upgrade to a newer browser in order to continue using Langley Online Banking.
Disabling SSLv3 in the browser or on the server is sufficient to mitigate this vulnerability. You may be able to disable SSLv3 in your browser. Please consult your browser's documentation for instructions. Note that there is no patch to mitigate the SSLv3 problem since the SSLv3 protocol itself is vulnerable, and the SSLv3 has literally reached end of life.
A good security Rule of Thumb is to keep your Operating System, browser, firewall, and antivirus up-to-date. This practice will go a long ways towards proactively protecting your computer and data.
The "Shellshock" Vulnerability · Sep 26, 2014
This term is being used for a vulnerability discovered in the GNU Bourne Again Shell (BASH). BASH is a common command line used in most Linux/UNIX operating systems and Apple Mac OS X. Exploiting this vulnerability depends largely on its victim running unpatched operating systems.
Langley's infrastructure does not use Linux/UNIX web servers, thus minimizing any risk related to BASH. Additionally, Langley utilizes a strong Patch Management System to keep its operating systems up-to-date and well defended against such an attack.
Langley is monitoring news of this critical vulnerability for which the Department of Homeland Security has published a technical alert (US-CERT Alert A14-268A). We recommend members, especially those using Linux/UNIX or Apple Mac operating systems, follow the recommendation of your operating system vendor.
Suspicious Emails · Aug 23, 2014
Members have reported receiving an email that states they need to update their contact information within 48 hours or have their online account access restricted. These emails represent themselves as originating from Langley and may contain our logo.
This is an attempt by phishers to trick members into revealing confidential information. These emails are not from Langley. Delete them. Do not follow their directions.
Please review Langley's Policies below.
- Langley will never call you and ask for your account number.
- Langley will never send you an email directing you to a website to "verify" your personal or account information or any transaction.
- Langley will never send you a text message directing you to call a phone number to "verify" your personal or account information or any transaction.
- Langley staff members will never ask for your password or PIN number to any service.
The following Internet locations are either operated by LFCU
or by a third-party vendor in partnership with LFCU:
You may receive email from:
Websites you may be sent to:
In the event you have provided credit, debit or ATM card information to a caller or website and you suspect your account information has been compromised, it is important to act quickly. Use the following phone number to report this information:
Toll-free 24 hours a day.