Secure Your Financial Data

For this week’s letter, I asked a couple of clients that work in tech security what are the most important practical steps the average person can take to protect their financial data online.

Password Protection

Passwords are a pain. And we have tons. You can manage them on a spreadsheet, use the same or similar passwords on all sites, or you can use a password manager.

The first two ways leaves yourself vulnerable. All it takes is one site to get hacked and a hacker can quickly run your username and password through multiple sites.

The best way to alleviate this risk is to use a password manager, like LastPass. It allows you to generate unique and secure passwords for each site. The current recommendation is 12 random characters (a mix of uppercase, lower case, numbers and special characters).

You’ll never need to know what these are because your master password, face, or fingerprint unlocks your library of login credentials.

You can even create unique answers to your security questions, so you don’t have to remember those either. Who remembers their favorite movie when they were 18? I change my answer depending on the day.

Password managers have a learning curve and will usually slow you down at first. But in the long run, they provide added security and good workflow (they use Face ID or fingerprints) as your navigating your sites.

Run the updates for your devices

Most companies advertise these as feature improvements. My wife sometimes thinks they’re trying to purposely slow her device down, so we’ll have to buy a new one. As tempting as that is to belief, they actual imbed security enhancements or patches for vulnerabilities in these updates.

Beware of Public Wi-Fi

The next time you’re at the coffee shop or airport, be aware what sites you’re logging into on public Wi-Fi. They’re usually not secure and someone could gain access to personal information on your computer.

It’s a good idea to wait to login to your bank or financial sites until you get home. And imagine if they found a spreadsheet full of your passwords.

You can also set up a hotspot from your mobile device and avoid the public network altogether.

Be aware of phishing emails and texts

It’s sometimes difficult to differentiate legit emails and texts from phishing. Bad actors are very creative with their schemes.

The most recent one I’ve seen is the phone bill text. You’ll receive a text that says your bill is ready or that you are owned a refund for an outage.

Never click the link.

What they are trying to do is gain access to financial information or your login credentials. A way to avoid these altogether is to never click a link (even if you’re confident it’s legit) in these messages. Instead, go directly to the app or website and login directly.

Here is a library of resources if you’d like to read more:

How to recognize and avoid phishing scams

How to protect your smartphone from getting hacked

Securely working remotely

Podcast episode on cybersecurity

Andrew Eppes, RICP®

Andrew Eppes is a registered representative of and offers securities and investment advisory services through MML Investors Services, LLC. Member SIPC. www.SIPC.org. Nexus Advisors, LLC is not a subsidiary or affiliate of MML Investors Services, LLC, or its affiliated companies. 14241 Dallas Parkway Suite 1200 Dallas, TX 75254 972-348-6300. The idea of retirement means different things to different people.  CRN202409-868034

Clear a Bold Path

Toward Total Financial Health