What’s in your password?

January 02, 2019 by Selena Quintanilla
Malware on a phone

At TaxAudit, we take cybersecurity very seriously. Our Software Engineering department works around the clock to safeguard our network, and each team member has an individual responsibility to protect sensitive information. In addition, team members company-wide participate in regular trainings to guarantee that we have the most up-to-date information on the latest social engineering and phishing schemes.  
  
When sitting down to prepare taxes, whether for ourselves or a client, password security may be the last thing on our minds. But realistically, it should be one of the first.  
  
With cybercriminals becoming savvier by the day, the IRS urges taxpayers to review online accounts for updated, more effective standards put in place to protect passwords. Doing so will help guard against attempts to access accounts and steal identities or personal information. 
  
Here are some things to keep in mind when reviewing, creating, or updating passwords: 

Formulate unique connections
Passphrases should be concepts that make sense to you, but something that strangers could not easily guess. You should avoid easily discoverable passwords that contain personal information – and while special characters and numbers should be utilized, it’s best to refrain from including them in sequential or repetitive order.  
 

  • Good example: Brav3LittleT0aster0ven!. 
  • Bad example: KittyCat123 

Many cybercriminals do extensive research before attempting to infiltrate a system. If you regularly boast about your children, pets, etc., on social media, it's safe to assume that these will be among the first phrases hackers try as your passwords. 
 
Use a different password or passphrase for each account
This step is simple but highly effective. The last thing you want to do is help a cybercriminal gain access to your most personal data by using the same password for multiple sites.  
  
Consider using a password manager
Keeping up with the latest security standards while trying to memorize passwords for multiple sites can be overwhelming, and if you're anything like me you'll end up locking yourself out of accounts more times than you can count. For this reason, I use a password manager. The software I use stores my login credentials for multiple accounts in a secure portal, and I only need to memorize one master password to access it. The software also alerts me if I am using the same password for more than one site and generates secure passwords upon my request. 
  
Use multi-factor authentication whenever possible
Passphrase alone should not be trusted to protect sensitive data. The use of multi-factor authentication forces account holders to enter more than just their username and password to access an account. In most cases, a time-sensitive code will be sent to the account holder’s mobile device and will need to be entered in addition to login credentials.   
  
Change all factory-set passwords
Many wireless devices, such as printers and routers, come with preprogrammed passwords. When you purchase new equipment, be sure to update this information as soon as possible. 
 
Limit the use of free Wi-Fi networks
Most of us have been to a local coffee shop to wrap up a last-minute school report or work assignment and have hooked up to the free Wi-Fi network for a faster and stronger internet connection. Sometimes this cannot be avoided, but the data that we access while linked to these networks should be limited, as security settings are often lax or nonexistent. Never access personal identifiable information while working on a free Wi-Fi network. 

SEARCH

 

Selena Quintanilla, CTEC
Communications Associate

 

Selena Quintanilla is a Communications Associate at TaxAudit, and a California Tax Education Council (CTEC) registered tax professional. She is now on a mission to bring clarity and comprehensibility to a topic that keeps us all up at night at least once a year-TAXES! Please, send coffee! 


 

Recent Articles

Beneficial Owner
What is beneficial ownership information reporting? If you aren’t certain whether it applies to you, this blog may help clarify the reporting requirement.
Eraser on chalkboard erasing the word Debt
Whether you can settle your tax debt through an offer in compromise will depend on what the IRS deems is your collection potential, or ability to pay.
Financial Penalty written on wooden blocks
Penalty abatement is the process of requesting the IRS remove penalties (this is called abatement). You need to demonstrate that there is a "reasonable" cause.
Child Support
Child support is not deductible for tax purposes. Child support payments are also not required to be reported as income by any person receiving them.
This blog does not provide legal, financial, accounting, or tax advice. The content on this blog is “as is” and carries no warranties. TaxAudit does not warrant or guarantee the accuracy, reliability, and completeness of the content of this blog. Content may become out of date as tax laws change. TaxAudit may, but has no obligation to monitor or respond to comments.