The customer account page is the centerpiece for your customers’ experience on your Shopify site.
It is designed to help customers save and access all sorts of information — purchase history, saved payment methods, addresses, and more. So that they can easily purchase from your store.
However, this also means customers have sensitive information stored in their customer accounts.
This makes the customer account an easy target for hackers.
While you may be following protocols and best practices, it is important to additionally help customers protect Shopify customer accounts.
That’s where passwords come in.
In this blog, we’ll tell you how to ensure your customers follow best practices to keep their passwords secure.
9 ways to ensure your Shopify customers’ account is secure
Hacking, phishing, and online frauds are on the rise. In this section, we share nine best ways and actionable tips to help you ensure your customers’ passwords remain secure, always.
1. Set strong password requirements
More than 80% of online fraud is due to stolen, weak or reused passwords. This means it’s extremely important to have strong passwords. Even for your eCommerce customer account page logins.
Password hackers can steal your personal information from your eCommerce customer accounts.
Clearly, the need is to encourage customers to set strong passwords. Here are some tips:
- Make strong passwords mandatory
- Have automated suggestions for strong passwords
- Urge customers to create complex passwords — use a mix of uppercase, lowercase, special characters, numbers, etc.
- Suggest long passwords as they are stronger — ideal length is at least 8 characters
- Recommend customers to create new passwords instead of repeating/reusing
- Incorporate social login feature so customers can have more secure login
Here’s an example:
2. Nudge customers to set up two factor authentication
As an online business, it is your responsibility to safeguard your customers’ personal information. And one of the best ways to protect your Shopify customer account is to set up two-factor authentication (2FA).
2FA is a security system that prioritizes identity confirmation and access management. It requires customers to go through two forms of identification in order to log into your Shopify customer account.
Once you set up 2FA, if there’s a fraudulent attempt to log into your customers’ account, the customers will be notified via their phone or email.
Having 2FA also helps you safeguard your other customers’ information as well as critical information of your Shopify business.
Here’s what you can do as a responsible brand:
- Incorporate 2FA system in your Shopify login process
- Encourage customers to strictly follow the practice
- Create a campaign to let customers know the importance of it
- Boost customers’ confidence in your brand by telling them you care about their data security
3. Automate login error notifications
Another way to safeguard your customers’ information is to automate login error notifications.
For instance, if someone (your customer or hacker) tries to login but fails due to wrong login id or password, your customer should receive a login error notification. This notification can be sent via email, SMS, or other communication channels.
This will immediately alert customers if someone else is trying to log into their account. Automating this process can help you in many ways:
- Secure customers’ information
- Secure your Shopify business account
- Build trust among customers
4. Make it easier for customers to change passwords
One of the most important aspects to consider is to make it easy for customers to change their customer account login passwords.
Essentially, customers shouldn’t have to reach out to your customer support for a simple thing such as changing passwords.
Here’s what you should do:
- Provide the option of changing passwords in the Shopify customer account page
- Make the process easy and simple so customers can change passwords themselves
- Encourage customers to change passwords periodically
- Automate email or SMS messages when customers change passwords
- Secure the change password process so that hackers cannot change customers’ password easily
Here’s an example from a Shopify site that makes changing password easy through its customer account page.
5. Nudge customers to update password periodically
Another best practice to ensure customers’ Shopify passwords are secure is to encourage them to change their passwords from time to time.
Many customers save passwords on their browsers so they do not have to enter them every time they open your Shopify site.
However, in the process, customers could forget their passwords and may not be able to log in from another device.
Hence, it can be helpful if you ask customers to change their password periodically. This also reduces the chances of hacking or any fraudulent activities.
6. Offer password encryption
Password encryption helps protect sensitive information. It uses algorithms to convert a plain-text password into complex characters. By using password encryption, you can enhance the security of the Shopify customer account, user data and prevent hackers from stealing or deciphering passwords.
By enabling password encryption, you can protect customers’ passwords when they are stored on your Shopify site as well as when they are transmitted over networks.
Overall, password encryption makes encrypted passwords useless to hackers who manage to steal them.
7. Discourage password sharing
Did you know 51% of customers use shared passwords? Meaning, two or more people use the same customer account. Entertainment streaming sites are the perfect examples of shared password usage.
Password sharing can negatively affect your Shopify customer account security:
- It impacts your business and revenue as more than one person uses the same account. For instance, person A buys products worth x amount and earns x store credits. Person B logs in with the same credentials and uses store credits to make more purchases
- It affects your Shopify data collection. You won’t get clear information because more than one person is involved
- It reduces the security level as even if person A is careful with the password, person B may not be, which could lead to password phishing or theft
The best practice is to discourage password sharing. In some regions, password sharing is illegal and eCommerce brands do not allow it as a rule.
However, the best way to avoid password sharing is to request customers to refrain from doing so.
8. Disable password screenshots
Did you know malware and spyware can easily capture screenshots of passwords? This makes it easy for hackers to steal passwords.
Hence, one of the best ways to avoid this is to disable password screenshots. Not only will this save your customers’ sensitive information, it will also save data from your Shopify store.
Moreover, saving screenshots of passwords on your computer or phone can also be dangerous. Any third-party having access to your devices can steal your password from the screenshots.
9. Nudge customers to keep their contact details updated
Another important factor in protecting Shopify customer accounts is ensuring customers’ contact details are updated.
For instance, customers might have signed up on your eCommerce site with an old email address, which they might not be using/accessing anymore. Unused or dormant email accounts are more vulnerable to hacking.
Hence, you can ensure higher security by encouraging customers to update their Shopify customer accounts with new contact details. This can ensure they see alerts if a third-party is trying to access their account.
Additionally, updated contact details makes it easy for customers to change passwords and perform other tasks on your customer account.
Bonus: Prevent fake signups on your Shopify store
Reports reveal 30% of internet traffic is generated by bots. These bots are responsible for creating fake customer accounts on eCommerce sites. This can affect your brand’s reputation, lead to false data, and increase frauds on your store.
And so, to protect your Shopify customer account, it’s a must to prevent fake signups on your Shopify store. Some ways to prevent fake signs ups are:
- Use reCAPTCHA to ensure your customers are actual humans
- Add double opt-in; it will send an email with a confirmation link to the customers
- Set up a customer account page on your Shopify store, so you know if a human is using the account or is it a bot
- Block spam traffic to your website
To learn more about fake signups and how you can protect your site from it, read our detailed blog here.
Are you ensuring your Shopify customers’ security?
Customers trust brands more when they know their data is secure. When they see you taking precautions and measures to safeguard their passwords and data, they have more confidence in your brand. As a result, they would be willing to share more information with you.
To ensure your customers feel secure and confident about you, your first step should be to set up an efficient customer account page on your Shopify store.
Flits Customer Account Page App makes it easy for you. The intuitive app designed for Shopify and Shopify Plus sites provides comprehensive features that ensure security and safety.
Install Flits Customer Account Page App on your Shopify site.