FORM CRS & ADV 2A
MEET WITH AN ADVISOR
Life Planning Advice

The Importance of Password Security

By
June Adams
May 10, 2021
Share on:

Weak passwords can compromise the best security tools and controls. With a never-ending list of applications and services that users and consumers access, people may have dozens of passwords to maintain at any given time. Often, the temptation to use familiar terms such as pet names, favorite teams or the names of children or friends can cause risk since much of those details can be discovered by a simple examination of social media.

Creating strong passwords offers greater security for minimal effort. Weak passwords can compromise the best security tools and controls. With a never-ending list of applications and services that users and consumers access, people may have dozens of passwords to maintain at any given time. Often, the temptation to use familiar terms such as pet names, favorite teams or the names of children or friends can
cause risk since much of those details can be discovered by a simple examination of social media.

Under Lock and Key
You can buy a small padlock for less than a dollar—but you should not count on it to protect anything of value. A thief could probably pick a cheap lock without much effort, or simply break it. And yet, many people use similarly flimsy passwords to “lock up” their most valuable assets, including money and confidential information. Fortunately, everyone can learn how to make and manage stronger passwords. It is an easy way to strengthen security both at work and at home.

What Makes a Password ‘Strong’?
Let’s say you need to create a new password that’s at least 12 characters long, and includes numerals, symbols, and upper- and lowercase letters. You think of a word you can remember, capitalize the first
letter, add a digit, and end with an exclamation point. The result: Strawberry1!

Unfortunately, hackers have sophisticated password-breaking tools that can easily defeat passwords based on dictionary words (like “strawberry”) and common patterns, such as capitalizing the first letter.
Increasing a password’s complexity, randomness, and length can make it more resistant to hackers’ tools. For example, an eight-character password could be guessed by an attacker in less than a day, but a 12-character password would take two weeks. A 20-character password would take 21 centuries. You can learn more about creating strong passwords in your organization’s security awareness training. Your organization may also have guidelines or a password policy in place.

Why Uniqueness Matters
Many people reuse passwords across multiple accounts, and attackers take advantage of this risky behavior. If an attacker obtains one password—even a strong one—they can often use it to access other valuable accounts.

Here is a real-life example: Ten years ago, Alice joined an online gardening forum. She also created an online payment account and used the same password. She soon forgot about the gardening forum, but someone accessed her payments account years later and stole a large sum of money.

Alice did not realize the gardening forum had been hacked, and that users’ login credentials had been
leaked online. An attacker probably tried reusing Alice’s leaked password on popular sites—and
eventually got lucky.

Guarding Your Passwords & PINS. Passwords and PINS protect sensitive data and it's critical to keep them safe. Try these best practices to stay protected.

1. Do not write them down – Many make the mistake of writing passwords on post-it notes and
leaving them in plain sight. Even if you hide your password, someone could still find it. Similarly, do
not store your login information in a file on your computer, even if you encrypt that file.
2. Do not share passwords – You cannot be sure someone else will keep your credentials safe. At
work, you could be held responsible for anything that happens when someone is logged in as you.
3. Do not save login details in your browser – Some browsers store this information in unsafe
ways, and another person could access your accounts if they get your device.
4. Use a password manager – These tools can securely store and manage your passwords and
generate strong new passwords. Some can also alert you if a password may have been
compromised.
5. Never reuse passwords – Create a unique, strong password for each account or device. This
way, a single hacked account does not endanger other accounts.
6. Create complex, long passwords – Passwords based on dictionary words, pets’ names, or other
personal information can be guessed by attackers.

 

 

 

You may also like:

Life Planning AdviceTax Planning Advice

Be Aware of Tax-Related Scams

By
June Adams
April 26, 2021

Protect yourself from these tax-related scams.

Tax-related scams have become increasingly common, and they happen year-round.  Fraudsters will contact you pretending to be from the Internal Revenue Service (IRS), a tax accounting service, or another tax-related agency.  You could receive fake emails, phone calls, letters, or other communications.

Be on high alert for phishing emails. Scammers are attempting to steal information such as tax IDs, account information, passwords, and other valuable data.  Be immediately suspicious of any unsolicited communication (email, text message, letter, or call) that asks you for your Social Security number, login credentials, or other personal information.

Review these helpful FAQs:

  • Will the IRS contact me via email?

The IRS will never initiate contact with you via email, text messages, or social media with a request for personal or financial data. Be extremely careful with any unsolicited email that claims to be from the IRS.

  • What should I do if I receive an email or text message claiming to be from the IRS or another tax service that asked for sensitive information?

Do not reply! Do not click on any links or download any attachments. Forward any IRS-related emails to phishing@irs.gov.

  • What should I do if I discover a website claiming to be the IRS that I suspect is not legitimate?

Do not click on any links, download any files, or submit any information. Send the URL to phishing@irs.gov

  • Are there any trusted resources I can use to identify email scams or websites claiming to be
    the IRS?

The IRS highlights examples of email scams and bogus websites. Find the information online at www.irs.gov/uac/Report-Phishing and https://www.irs.gov/newsroom/tax-scams-consumeralerts.

  • What should I do if I receive an unsolicited phone call or letter claiming to be from the IRS that
    I suspect may not be legitimate?

Contact the IRS yourself to confirm any requests made via phone or letter, particularly those that are threatening or demand immediate payment. Visit www.irs.gov/uac/Report-Phishing for phone numbers and other tips.

  • If I receive a suspicious tax-related email while at work, should I notify my company?

Yes! Report suspicious emails to IT. The IT team can help you determine if a message is legitimate. In addition to confirming requests for your personal data, you should verify any email that asked you to provide copies of W2 forms or your coworkers’ tax-related information.

Read more
Investments Advice

Making Volatility Work for You

By
Zach Swaffer, CFP®
February 28, 2019

Do you want to start investing but fear you will be buying in at the top of the market? Well, what if I told you there was a way to invest in which you could take emotion out of the equation altogether, not only banishing market anxiety but actually taking advantage of dreaded market volatility? Too good to be true? Far from it. The panacea exists, and it’s called dollar cost averaging or, as we call it in the finance world: DCA.

Dollar Cost Averaging is a pretty simple financial strategy: you purchase a set dollar amount (say $300) of securities (stocks, mutual funds, etfs, bonds…you get the idea) on the same day each month. Because you are committed to a set dollar investment the total number of shares purchased will vary from month to month based on the market. In months where prices are increasing you receive fewer shares; however, in months with falling prices your money buys MORE shares.

How does this benefit you? It removes emotion from the investment equation by keeping you from attempting to “time the market” (which has been proven to be impossible) and helps establish the saving behavior necessary for long term financial success. You are not waiting for a certain price to be reached before buying and when markets are experiencing volatility you are not selling and sitting on the sidelines waiting for things to settle down and then attempting to determine when to buy back into the market. Rather, you are using a disciplined strategy to steadily contribute to your long term goals and when the market is on sale, prices are declining, your monthly contribution has more buying power.

Here’s what’s even better: you are most likely already taking advantage of DCA as part of your financial plan, without even realizing it! If you are contributing to an employer sponsored retirement plan like a 401(k) (which you should be!), you are taking advantage of Dollar Cost Averaging by setting aside a certain percentage of your pay and investing it on set days each month. But why limit a DCA strategy to just one segment of your financial portfolio? You can leverage Dollar Cost Averaging to efficiently build individual accounts for shorter or medium term priorities such as travel, a new car, or purchasing a house. It’s not magic or rocket science, but Dollar Cost Averaging can help take advantage of volatility in markets, remove emotion from investing, and establish a beneficial pattern of saving for future priorities.

While dollar cost averaging is a powerful financial tool it is only one component of a full financial plan. If you would like to talk more about the impact of dollar cost averaging on your personal financial plan please contact me at zach.swaffer@trilogyfs.com.

Read more

Get Started on Your Financial Life Plan Today