Helping clients learn how to keep their online presence secure is important to us as a firm. We want you to avoid identity theft just as much as you want to avoid it. To help, I’ve created a list of the top three things to keep in mind for your password security.

1. Length – According to cybersecurity experts, length of a password is what matters most. The longer the password, the harder it is for a bad actor to use their tools to crack it. Current guidelines suggest using a passphrase (a sequence of words) you might remember but that would be difficult for someone else to figure out using clues from your life or social media presence. New passwords should be at least 12 characters long, but ideally should be longer.

2. Strength – A robust password should contain both upper- and lower-case letters, numbers, and unique characters. To increase login security, it is also a best practice to add multi-factor authentication (MFA) whenever possible. MFA adds an additional step, such as texting a code or using an app to generate a code, to the login process, which helps prevent unauthorized access if a bad actor has obtained your login ID and password.

3. Uniqueness – Ever heard of credential stuffing? This is when bad actors process a stolen set of login credentials through software that tries to use that login and password combination on as many websites as they can in a short period of time. The hacker’s hope is that someone has reused a password repeatedly so they can access multiple sites. To avoid falling victim to this, ensure you are using a unique password for every site in case your credentials are ever stolen during a cyber-attack. If you’re worried you won’t remember or will run out of ideas, consider using a password manager to help you stay organized and secure.

- Margaret Gooley, CFP®, CDFA®, Worley Erhart-Graves Financial Advisors

This article was included in the Worley Erhart-Graves Quarterly Newsletter. Download the printable version here.