Security Basics: Passwords and Two-Factor Authentication

In today’s world, it is easier than ever to track and monitor your personal finances. All you need is a computer or smart phone, access to an internet signal and boom, you can go to the institution of choice to view your financial accounts. No longer is there a need to travel to a bank or call via phone and wait for someone to give you the information you are seeking. However, with that kind of ease of access comes more risk. Hackers have now become prominent threats that are constantly trying to access private accounts either for their personal use, or to sell your private information in the dark web. In this online world your first line of defense is the password. Handled correctly, passwords can be very effective in fighting hackers, but used incorrectly they can also backfire dramatically. Here is what you should know.

When creating a password, make sure it is complex and unique enough that a hacker would not be able to easily figure it out. Even though less common now, I am sure there is still someone out there using the password “password” or “123456.” This is exactly what not to do. By ‘unique’ we mean that you are using different passwords for every site. Even though reusing the same password is easier, it is also much more dangerous. Remember, your gym probably doesn’t have the same level of security as your bank, so why would you use the same password for both and risk exposing your bank password to hackers.

Here are our recommendations for strong passwords:

· Password at least length should be 10-12 characters long

· Include at least 1 uppercase or lowercase letter

· Include at least 1 special character (@,#,$...)

· Should be unique. Not a reused password and should not be simple to figure out. (i.e. dog’s name)

In the simplest form, a password made up of 12 characters that only include the alphabet can take as long as a decade to crack. Even though that is a long time, we also highly recommend that you change your password on a yearly basis. This is due to the fact that every year that you keep the same password, that cuts down the amount of time it would take to crack the password since hackers can eliminate combinations that they have attempted previously.

In addition to the password many websites now offer two-factor authentication to provide an additional layer of security. Two-factor authentication requires to you provide both a password and a second, dynamic code from a text of phone app in order to log in. Since the code changes at each log in, two-factor authentication can help secure your account even if your password has been compromised.

Here at Cedarstone, we believe giving you the proper tools is extremely important in guarding your information. If you are not using two-factor authentication to access your Schwab account and think you would like to opt in, please feel free to let us know and we would be happy to activate it for you. We have also included a link that includes a video on how to activate two-factor authentication on the Schwab platform.

https://www.schwab.com/content/two-step-authentication