Protect Yourself with Strong Account Security

Posted On 2 May 2020

Last updated on April 9th, 2024

Making, saving, and investing money are common themes covered in personal finances. If we neglect the aspect of account security, all our hard work can be undone! This post is about account security and how to increase your security. For more information on cyber security, I have a post here.

When passwords were required for computers and the Internet, I made the mistake of seeing “word” in password. The computer told me that I had to choose a word, and it had to be something I could remember. Then, as the years passed, I was told I needed to include numbers and symbols. I incorporated those features into my passWORD.

After I got a smartphone, the number of accounts grew huge! I used several base passwords, and I had to jot down reminders so I could try to remember my passwords. It wasn’t great, but it worked. Then, last year my brother-in-law convinced me to use a password manager.

Incorporating a password manager into my digital life has changed my whole approach to account security. It has allowed me to increase my security while making it easier for me at the same time.

When I was employed at an electronics store I was working with people and their cell phones. It amazed me so few people have much security! There are also a lot of people that are just not concerned with account security. Some think because they live in a small town, there is not much risk. The Internet is global and basically one great big city.

Anything Is Hackable

Let me start off with a disclaimer. I am not an Internet security expert, there are some excellent resources out there. My intention with this post is to get my readers thinking about account security and doing what they can to protect themselves.

Also, anything is hackable, locks can be picked, and things can be stollen. It is our job to make sure that we are doing what we can to make a thief’s work a lot harder! Here as things that we can all implement in our online lives.

Best Password Practices

We have all heard that we are not supposed to tell anyone our passwords. A strong recommendation is to avoid using words from the dictionary (including other languages!). Also, we should not use the same password more than once.

Strong passwords are at least 12 characters long and contain a combination of Upper-case and lower-case letters, numbers, and symbols. The problem with passwords is what work for good security does not work for people.

Even when using strong passwords, it is recommended to change passwords periodically. How often? At least once per year, and there are some accounts that require changing your password every 90 days.

Lies for Security Question Answers

Security questions are a big security threat! A lot of the security questions are things that can be researched about a person. A mother’s maiden name, the street we grew up on, and a teacher’s name are all things that another person could figure out.

A better approach is to use incorrect information for the answers. It really does not matter what the answer is, the important part is that the account owner knows the answer to the question. For example: What is your favorite sports team? Spaghetti.

I must give you a word of caution about this strategy. You must write your answers down somewhere. The safest place to keep these answers in in your password manager. Speaking of password managers…

Forget Passwords with a Password Manager

When you use a password manager, it will remember your passwords for you! You must remember only the password to get into the manager. I can remember one password! A highly recommended password manager is KeePass.

Since the password manager remembers my password for me, I don’t have any attachment to the passwords for my accounts. Passwords don’t have be something I can remember. I can also change my passwords a couple times per year. As long as I save the new password in the manager, it makes no difference to me.

You can include the answers to your security questions in the notes section of the password manager. Make the manager your friend. Is there an account that you use Facebook or Google to sign in? Put that in the notes section. You can even create an entry if there is no username or password used for the account.

Since the password manager has the information to get into all your accounts, it must be kept very safe. Make sure the password to get into your manager is long, complex, and memorable. Make it a sentence and include numbers and symbols. For maximum security, use a key file in addition to your password. The password manager database can be stored on cloud storage for easy access from both your phone and computer. The key file should only be stored locally on each device you use. Also, the key file MUST be the exact same file on all your devices.

Use 2FA if Available

I used to think that 2 Factor Authentication was just a pain! It is still a bit of a pain to me. Carrying house keys is a pain, too, but I still carry keys to our house. I can deal with a little discomfort in order to protect myself.

If there is an option for using an app or your cell number, choose the app. Cell phones and cell phone accounts can get hacked. The best authentication app is Authy. Some accounts only support a certain authentication app, so you might need a couple different apps.

Critical Accounts

People usually want good security for their financial accounts. Those accounts need strong security. There are two other types of accounts that need attention.

For a long time, I was not really concerned about security with an email account. What is someone going to do with my email? If a hacker gains access to your email account, they may be able to request a password reset link for your bank account!

The second account type that needs good security is your cell phone account. While 2FA is good for security, if a hacker can switch your phone number to a different provider, they can get into your secured accounts.

I don’t say these things to scare you. These are real threats that people need to be aware of before they become a victim. Once the security has been setup, there is not much more to do except maintain good security.

Leave Yourself a Backdoor

There are few things more frustrating that getting locked out of an account! I have seen many people that got a new phone and they had no idea what their password was to get into their accounts.

Make sure that you leave yourself a backdoor to your important accounts. What are the backdoors? A second email address or your phone number. That way you can get an email or a text to help you get into your account.

Keep Account Info Current

Backdoors are useless if the information is not kept up to date. I have seen people that used an ex’s email as a backup email. Now they are not on speaking terms with that person! Keeping info current will prevent this from happening to you.

I would recommend periodically (annually) checking the info on your accounts to make sure that everything is current. Another good time to check info is whenever something changes in your life. A work email address as a backup will not be effective for you if you are no longer with that company. Did your phone number change? You get the idea. Do yourself a favor and protect what you have. Stop using passwords that look like Password.123 for your accounts. Use a password manager and 2 Factor Authentication apps where you can. Let’s make hackers work harder.