What’s in your password?

January 02, 2019 by Selena Quintanilla
Malware on a phone

At TaxAudit, we take cybersecurity very seriously. Our Software Engineering department works around the clock to safeguard our network, and each team member has an individual responsibility to protect sensitive information. In addition, team members company-wide participate in regular trainings to guarantee that we have the most up-to-date information on the latest social engineering and phishing schemes.  
When sitting down to prepare taxes, whether for ourselves or a client, password security may be the last thing on our minds. But realistically, it should be one of the first.  
With cybercriminals becoming savvier by the day, the IRS urges taxpayers to review online accounts for updated, more effective standards put in place to protect passwords. Doing so will help guard against attempts to access accounts and steal identities or personal information. 
Here are some things to keep in mind when reviewing, creating, or updating passwords: 

Formulate unique connections
Passphrases should be concepts that make sense to you, but something that strangers could not easily guess. You should avoid easily discoverable passwords that contain personal information – and while special characters and numbers should be utilized, it’s best to refrain from including them in sequential or repetitive order.  

  • Good example: Brav3LittleT0aster0ven!. 
  • Bad example: KittyCat123 

Many cybercriminals do extensive research before attempting to infiltrate a system. If you regularly boast about your children, pets, etc., on social media, it's safe to assume that these will be among the first phrases hackers try as your passwords. 
Use a different password or passphrase for each account
This step is simple but highly effective. The last thing you want to do is help a cybercriminal gain access to your most personal data by using the same password for multiple sites.  
Consider using a password manager
Keeping up with the latest security standards while trying to memorize passwords for multiple sites can be overwhelming, and if you're anything like me you'll end up locking yourself out of accounts more times than you can count. For this reason, I use a password manager. The software I use stores my login credentials for multiple accounts in a secure portal, and I only need to memorize one master password to access it. The software also alerts me if I am using the same password for more than one site and generates secure passwords upon my request. 
Use multi-factor authentication whenever possible
Passphrase alone should not be trusted to protect sensitive data. The use of multi-factor authentication forces account holders to enter more than just their username and password to access an account. In most cases, a time-sensitive code will be sent to the account holder’s mobile device and will need to be entered in addition to login credentials.   
Change all factory-set passwords
Many wireless devices, such as printers and routers, come with preprogrammed passwords. When you purchase new equipment, be sure to update this information as soon as possible. 
Limit the use of free Wi-Fi networks
Most of us have been to a local coffee shop to wrap up a last-minute school report or work assignment and have hooked up to the free Wi-Fi network for a faster and stronger internet connection. Sometimes this cannot be avoided, but the data that we access while linked to these networks should be limited, as security settings are often lax or nonexistent. Never access personal identifiable information while working on a free Wi-Fi network. 



Selena Quintanilla, CTEC
Communications Associate


Selena Quintanilla is a Communications Associate at TaxAudit, and a California Tax Education Council (CTEC) registered tax professional. She is now on a mission to bring clarity and comprehensibility to a topic that keeps us all up at night at least once a year-TAXES! Please, send coffee! 


Recent Articles

Woman looking in a parking space with her car missing
Since the government considers your vehicle to be just another piece of property, so is there a tax deduction for the theft of your car? Let's find out.
Private School Piggy Bank on a Calculator
There are some parts of the tax code that, in fact, can allow tuition fees to be fully deductible. However, in most cases you cannot deduct private tuition.
NOL form
If you suffered economic losses, you may have a net operating loss (NOL) on your taxes. Getting audited by the IRS for an NOL can be complicated.
You received an IRS notice CP162 in the mail. You are probably wondering why you received this notice and what it means – we are here to answer your questions.
This blog does not provide legal, financial, accounting, or tax advice. The content on this blog is “as is” and carries no warranties. TaxAudit does not warrant or guarantee the accuracy, reliability, and completeness of the content of this blog. Content may become out of date as tax laws change. TaxAudit may, but has no obligation to monitor or respond to comments.