Strong Passwords, Two-Factor Authentication Are Critical to Identity-Theft Protection by Jeffrey M. Mutnik, CPA/PFS
Posted on January 14, 2020
Two of the easiest steps you can take to protect yourself from identity theft, cyberthreats and loss of personal information and/or money is to 1) use strong passwords and 2) rely on multi-factor authentication when logging into their online accounts. With the start of the 2020 tax season and the proliferation of scams targeting taxpayers during this time, it is critical that you keep the following tips in mind when filing your 2019 taxes.
In recent years, cybersecurity experts have revised their guidelines for creating and using strong password to include the following recommendations:
- Use word phrases that you can remember rather than random letters, characters and numbers that you may not be able to recall easily, i.e. rather than PXro#)30,” use a longer phrase like “SomethingYouCanRemember@30.
- Avoid including any of your personal information in your password.
- Use a combination of letters, numbers and symbols.
- Use a minimum of eight characters; the longer your password, the better.
- Do not reuse or update passwords. For example, changing Bgood!17 to Bgood!18 is not good enough.
- Use unique usernames and passwords for all your accounts and devices.
- If possible, do not use your email address as a username login.
- Store passwords in a secure location, such as a safe or locked file cabinet, or a cloud-based password-manager program.
- Never disclose your passwords to any person for any reason.
Whenever possible, chose multi-factor authentication as an added layer of security to log into password-protected accounts. For example, to prove that you are you, two-factor authentication will require you to first enter your credentials (username and password) and then enter a security code sent to you via text or email. Sometimes, the second level of security may be as simple as asking you to reply “yes” to a text sent to the phone number you have listed on your account.
Multi-factor authentication is based on the premise that while thieves may be able to steal your username and password, it is highly unlikely they also would have access to your mobile phone to receive a security code or other confirmation to complete the log-in process.
As final words of warning, the IRS encourages taxpayers to know the signs of phishing scams and recognize that at no time will the agency ask for an individual’s password. In addition, always remember that the conveniences of connecting to a public Wi-Fi comes at a significant safety risk, as these networks can be hacked easily by criminals looking to steal your personal information.
About the Author: Jeffrey M. Mutnik, CPA/PFS, is a director of Taxation and Financial Services with Berkowitz Pollack Brant Advisors + CPAs, where he provides tax- and estate-planning counsel to high-net-worth families, closely held businesses and professional services firms. He can be reached at the CPA firm’s Ft. Lauderdale, Fla., office at (954) 712-7000 or via email at info@bpbcpa.com.
← Previous