We now live huge chunks of our lives online, and do ever more of our financial transactions and interactions via email, applications on our phones, and through websites.
As a provider of financial planning and investment advice, I am perhaps a little more sensitive than most to what can go wrong in terms of online security and privacy. The recommendations below are not intended to be comprehensive or "fail safe", but could form a foundation for improving online safety.
lock your phone
This one should be obvious, but it seems that a number of us out there in the world are still resisting the step to add a PIN, fingerprint, or password to our smartphone. These devices typically have unrestricted access to email, social media, and maybe even financial accounts via apps. Accidentally leaving an unlocked phone on the bus, coffee shop table, or a park bench can provide one-stop access to a stranger.
At a minimum, a 4 digit PIN or "pattern lock" can provide a measure of protection, especially against the mildly curious.
BONUS: take a minute to review the "remote lock" function for your phone model, operating system, or carrier.
iPhone Remote Lock Instructions
Android / Google Remote Lock Instructions
go two factor
An increasing number of accounts (email, Facebook, Twitter, etc) offer what is called "two factor" or "two step" authentication or log-in. What this means in brief is that to initially access your account on a new device (phone, laptop, tablet) you must have both the password AND a code sent to a trusted device. So you may be logging into Gmail on a new computer and Google will send a text message to your phone, adding a layer of security to that log-in.
Generally, you can choose to have your account "remember" that device, so you do not have to go through the two step process every time. HOWEVER, if you are using your phone as a part of this two step process, it becomes even more important to password protect or otherwise lock your phone.
passwords are crucial
The first line of defense against another person accessing private accounts may just be having a decent password. Gone are the days of being able to pick a pet's name or a clever but simple combination of initials and birth date. And it is not reasonable to use the same password for multiple services.
Current best practice in strong passwords require length and randomness.
One approach could be a string of 8+ random numbers, letters (both lower and upper case), and symbols. A challenge with this option is that the password can be overly difficult to remember even one account, much less a similar string for dozens of accounts.
A second option can be a "phrase" or combination of random words: "bananaumbrellafloristdog" is an example that may work in some scenarios...throwing in a number or symbol would make it better.
Using a "password manager" may be helpful for some people, or having a readily accessible (but secure!) reference with various passwords could be supportive.
Some browsers (the software you use to access the internet) now default to a "secure" mode when possible. You can check whether your access is in this secure mode or not by looking at the address bar. The actual language or graphic varies by browser, although most will show some version of a "lock" and include the letters "HTTPS"; an example from Chrome is in the image below. To be clear, being in "HTTPS" vs "HTTP" does not guarantee against invasions of privacy or remove any personal responsibility for security, but is better on a relative basis.
David R Wattenbarger, president of DRW Financial
FCL LLC (“DRW Financial”) is a registered investment advisor offering advisory services in the State(s) of TN, GA, IL, OK and in other jurisdictions where exempted. Registration does not imply a certain level of skill or training. The presence of this website on the Internet shall not be directly or indirectly interpreted as a solicitation of investment advisory services to persons of another jurisdiction unless otherwise permitted by statute. Follow-up or individualized responses to consumers in a particular state by DRW Financial in the rendering of personalized investment advice for compensation shall not be made without our first complying with jurisdiction requirements or pursuant to an applicable state exemption.
All written content on this site is for information purposes only. Opinions expressed herein are solely those of DRW Financial, unless otherwise specifically cited. Material presented is believed to be from reliable sources and no representations are made by our firm as to other parties’ informational accuracy or completeness. All information or ideas provided should be discussed in detail with an advisor, accountant or legal counsel prior to implementation.