Unless you’re an unbanked or underbanked person, most of your personal and financial information is online.
That means it could be accessible to hackers and thieves who can cause headaches (and financial loss) as you try to clean up their mess. Keeping your information as secure as possible will help you avoid these headache and keep your finances moving forward.
Whether you’re more worried about nameless hackers, nosy roommates, or kids who want to use your credit cards, here are a few of the best ways to secure your financial information.
1. Monitor Your Financial Statements
Fully preventing financial fraud is impossible, but monitoring your finances can reduce the damage it causes. The faster you catch the fraud, the easier it is to clean it up. These are a few things that you should monitor regularly.
This may sound counter-intuitive, but your should be using a third-party aggregator to monitor all your accounts. Let's be real, most of us have 5-10 accounts (checking, savings, credit cards, debit cards, loans, and investments - IRA, 401k, HSA). Then, if you add in a spouse, you can really add up the number of accounts to check.
The best way to keep track of all of this is to use a service like Personal Capital or Kubera, where you link all your accounts and can see everything in one place. Plus, these apps update your transactions and balances, so you can quickly spot anything suspicious. You're going to be more likely to spot any issues (and spot them faster) if you have everything in one place.
From a security standpoint, these apps also only read your transactions. They can't access your money.
2. Don’t Give Out Your Information
Your account numbers and social security number are private information. Don’t give this information out unless it's required for tax purposes. Most employers will allow you to provide this information in person so that you don’t need to send it via email.
This sounds simple enough - but too many people fall for scams every year.
3. Use Strong Passwords
Strong passwords are the first line of defense against hackers, thieves, and children who may be inclined to order thousands of dollars of popsicles from your account.
Rather than single words, consider passphrases (three or more words), or using randomly generated passwords from a password manager like Dashlane, Lastpass, Onelogin, etc.
Plus, you should NEVER reuse passwords. One password per website. That way, if one website's passwords get compromised, none of your other accounts can be accessed
Using a password manager has been key to helping me develop and maintain strong and varied passwords across many sites. It allows me to create a password for each website and not have to remember them. Plus, the passwords are crazy - like 14 characters long with $%_ and more.
You need to take extra caution with your email account - since password reset requests will inevitably be emailed to you. If your email is compromised, you can lose access to everything.
If there is one password you NEVER reuse, please make it this one. Make this one challenging - 20+ characters. And never use it anywhere else online.
If you want to take it a step up, you can create an email account only for your financial accounts, that you also never use anywhere online. That would increase security as well.
4. Use Multi-Factor Authentication
Multi-factor authentication involves using two or more methods to verify who you are. For example, at an ATM, you’ll use your debit card and a PIN to authenticate. Most websites and apps also offer multi-factor authentication. Whenever possible, I use a Yukikey or authenticator app as my secondary form of authentication. Only someone with access to my physical keys and my account will be able to log in.
You could take this up a notch, and establish a Google phone number just for your financial accounts. That would make it more difficult for a hacker to locate your code if they were to get access to your physical device through malware. Plus, the Google phone number will go to your secure email (which you should have secured above).
One way to force a secondary form of multi-factor authentication is to use a device like Yubikey. This $45+ device allows you to establish secondary authentication using the physical key itself. You can setup multiple keys for things like your email. You keep one on you, one in your desk drawer, and one in your safe. That way, if you lose one, you still have access.
Remember, your financial accounts may be connected to many other accounts (including your social media accounts or cell service account), so try to set up multi-factor authentication on all accounts, not just financial accounts. Think things like Facebook, Twitter, Dropbox, and more.
5. Keep Your Documents Secure In Transit
Don’t email your financial documents even if you’re working with a broker, a loan officer, an accountant, or another tax professional. All financial advisors should have secure web portals designed for clients to submit their records.
If speed is of the essence in a certain transaction, a financial professional may request that you email information to them. Don't do this, even if you trust the professional.
Instead, request a link to their secure document uploading site. While this will slow down the process by a few minutes, it's well worth it to keep your financial information secure.
6. Keep Your Devices Up To Date
Hardware companies are constantly pushing patches that keep the operating system safe and secure. Install these patches as soon as they become available to keep your personal information safe.
If there is any information you're really worried about, don't keep it online or connected to the internet.
7. Use The App, Not The Site
If you want to check your financial accounts from your phone or tablet, use an up-to-date version of the app. Don’t use the site, even if it is mobile optimized. The apps tend to have more robust security than the website. And they typically don’t store data on the app.
8. Shred Your Documents
One often overlooked aspect of account security is the information on your financial statements. Financial statements should be either shredded immediately, or (if possible) reviewed digitally.
If you work in an office, you may be allowed to use the company’s secure shredding box to secure your financial information. Check with your office manager to learn your company’s policy.
When You Might Need Extra Security
Most people can keep their financial and personal information safe using the steps outlined above. But there are a few times to consider extra security measures. These are a few times you’ll want to make sure your accounts are extra secure.
You’re Traveling Abroad
International travel can include some uniquely risky situations. You may be unfamiliar with which open wifi networks are safe (hint, generally none) and which are dangerous. You may also be more likely to share financial information when you’re not familiar with the language or customs.
In general, it pays to continue to use all the tips above and to use only a credit card (with no foreign transaction fees) while traveling abroad.
You Invest In Non-Protected Assets (Like Crypto)
Most “traditional” financial assets (like stocks, bonds, ETFs, mutual funds, cash, etc.) are insured by brokers and banks. That means that you're protected against loss in the case of theft (including hacks).
However, you may invest in non-insured assets like cryptocurrency. If a crypto exchange or your crypto wallet is hacked, you could lose all your funds.
Individuals who invest in uninsured assets should consider taking extra measures of precaution. Examples may include buying a hardware wallet or storing passphrases in a fireproof lockbox. You might want to get a Billfodl or similar and keep it in a safe - not storing your private keys where they can be accessed in a security breach.
You’re Wiring Money
Wiring money is fraught with the risk of theft and fraud. When you’re preparing to wire money (especially large cash transfers such as the amount needed for a home down payment), take extra precautions.
Call the Title Agent to verify all instructions over the phone. Do not take last-second changes to the routing information without confirming verbally with the agent. As a best practice, wiring instructions should only be sent via secure emails or in secure documents. If possible, see if you can avoid wiring money altogether.
You Have An Untrustworthy Roommate Or Relative
Financial information and personal information are closely linked. The people that you live with are the most likely people to have access to your personal information. And they may be able to use that information to access your financial accounts or open new, unauthorized accounts in your name.
This can include anything from using your credit cards to make purchases to more egregious measures like taking out a loan with your ID. If you don’t fully trust the people you live with, you'll want to take further steps to guard against identity theft. Additional ways to secure your financial information include:
Taking these steps (along with the general best practices) should deter those close to your from stealing your identity. While these may seem like overkill, it's far better to prevent theft from family members and friends than to try to deal with it after the fact.
A little extra diligence goes a long way. Regular “security hygiene” such as changing passwords, installing updates, and adding secondary authentications can all help to secure your financial information. Just a little extra work can help keep your information in the right hands and your money in your accounts.
Robert Farrington is America’s Millennial Money Expert® and America’s Student Loan Debt Expert™, and the founder of The College Investor, a personal finance site dedicated to helping millennials escape student loan debt to start investing and building wealth for the future. You can learn more about him on the About Page, or on his personal site RobertFarrington.com.
He regularly writes about investing, student loan debt, and general personal finance topics geared towards anyone wanting to earn more, get out of debt, and start building wealth for the future.
He has been quoted in major publications including the New York Times, Washington Post, Fox, ABC, NBC, and more. He is also a regular contributor to Forbes.