Be Careful with Your Credentials and Passwords!

Emily Lambert, IACCP®, Vice President, Operations and Chief Compliance Officer

Cybercriminals are always aiming for credentials and passwords, and they do whatever it takes to capture them.


Cybercriminals are always aiming for credentials and passwords, and they do whatever it takes to capture them. Once stolen, it is possible to access, manipulate, and destroy sensitive data, and even make improper financial transactions. Your credentials and passwords grant access to your personal kingdoms so please be careful with this information, they are very valuable! 

We’ve compiled a few tips to help you keep your credentials and passwords safe: 

  • Before entering your login and password, check the web address of the pages. Beware: fake sites can copy the layout of the original page, changing the web address by just a few characters. 
  • Watch out for emails that lead to web pages which ask for your credentials immediately. When in doubt, do not divulge information. 
  • Use multiple passwords, this makes it more difficult for hackers to access your information. Do not use the same password on different devices and platforms. 
  • Do not write down credentials in notebooks, post-it notes, virtual notes or any other means of identification, electronic or physical.  
  • Create passwords that are easy to remember but difficult for an intruder to deduce.  
  • For storage of credentials and passwords always use, if available, a reliable password manager. 
  • Never use your credentials and passwords to create accounts on social networks or virtual stores. 
  • Never share your passwords with others; they are personal, non-transferable, and should never be revealed. 

And, a few tips to help you create strong passwords:

  • Use long passwords, aim for 16 unrepeated characters.  Length trumps complexity with passwords; longer passwords are harder to decrypt if stolen. 
  • Frequent password changes lower your security.  Create passwords with longevity in mind and change it only if you think your account has been compromised. 
  • Avoid using personal or family data such as name, surname, date of birth
  • Avoid using number of documents and personal or corporate phone numbers
  • Avoid sequences of letters or numbers on your keyboard (eg zxcvbn or 456789)
  • Swap our letters for numbers and symbols 
  • Add multi-factor authentication (MFA) whenever possible as an added layer of protection

Emily Lambert

Emily is responsible for various aspects of compliance, accounting and information technology for the firm; as well as maintaining core operational data for all client portfolios.


Get the latest content from Beyond the Bell