What’s in your password?

January 02, 2019 by Selena Quintanilla
Malware on a phone

At TaxAudit, we take cybersecurity very seriously. Our Software Engineering department works around the clock to safeguard our network, and each team member has an individual responsibility to protect sensitive information. In addition, team members company-wide participate in regular trainings to guarantee that we have the most up-to-date information on the latest social engineering and phishing schemes.  
When sitting down to prepare taxes, whether for ourselves or a client, password security may be the last thing on our minds. But realistically, it should be one of the first.  
With cybercriminals becoming savvier by the day, the IRS urges taxpayers to review online accounts for updated, more effective standards put in place to protect passwords. Doing so will help guard against attempts to access accounts and steal identities or personal information. 
Here are some things to keep in mind when reviewing, creating, or updating passwords: 

Formulate unique connections
Passphrases should be concepts that make sense to you, but something that strangers could not easily guess. You should avoid easily discoverable passwords that contain personal information – and while special characters and numbers should be utilized, it’s best to refrain from including them in sequential or repetitive order.  

  • Good example: Brav3LittleT0aster0ven!. 
  • Bad example: KittyCat123 

Many cybercriminals do extensive research before attempting to infiltrate a system. If you regularly boast about your children, pets, etc., on social media, it's safe to assume that these will be among the first phrases hackers try as your passwords. 
Use a different password or passphrase for each account
This step is simple but highly effective. The last thing you want to do is help a cybercriminal gain access to your most personal data by using the same password for multiple sites.  
Consider using a password manager
Keeping up with the latest security standards while trying to memorize passwords for multiple sites can be overwhelming, and if you're anything like me you'll end up locking yourself out of accounts more times than you can count. For this reason, I use a password manager. The software I use stores my login credentials for multiple accounts in a secure portal, and I only need to memorize one master password to access it. The software also alerts me if I am using the same password for more than one site and generates secure passwords upon my request. 
Use multi-factor authentication whenever possible
Passphrase alone should not be trusted to protect sensitive data. The use of multi-factor authentication forces account holders to enter more than just their username and password to access an account. In most cases, a time-sensitive code will be sent to the account holder’s mobile device and will need to be entered in addition to login credentials.   
Change all factory-set passwords
Many wireless devices, such as printers and routers, come with preprogrammed passwords. When you purchase new equipment, be sure to update this information as soon as possible. 
Limit the use of free Wi-Fi networks
Most of us have been to a local coffee shop to wrap up a last-minute school report or work assignment and have hooked up to the free Wi-Fi network for a faster and stronger internet connection. Sometimes this cannot be avoided, but the data that we access while linked to these networks should be limited, as security settings are often lax or nonexistent. Never access personal identifiable information while working on a free Wi-Fi network. 



Selena Quintanilla, CTEC
Communications Associate


Selena Quintanilla is a Communications Associate at TaxAudit, and a California Tax Education Council (CTEC) registered tax professional. She is now on a mission to bring clarity and comprehensibility to a topic that keeps us all up at night at least once a year-TAXES! Please, send coffee! 


Recent Articles

House for Sale
Details regarding the disposition of grouping of activities in order to more easily satisfy the material participation requirements for the RE Pro status.
Man opening a letter
IRS CP06A notice asks you to verify the Premium Tax Credit you claimed on your tax return with documentation. How should you properly respond to this notice?
Woman reading a letter and holding her phone
Notice CP14H is issued by the IRS to inform you of your unpaid shared responsibility payment that is due and to request that payment. How should you respond?
Man on phone while looking at a letter
IRS Notice CP21E informs taxpayers that an audit was recently done on their tax return and the IRS determined that those changes resulted in additional tax due.
This blog does not provide legal, financial, accounting, or tax advice. The content on this blog is “as is” and carries no warranties. TaxAudit does not warrant or guarantee the accuracy, reliability, and completeness of the content of this blog. Content may become out of date as tax laws change. TaxAudit may, but has no obligation to monitor or respond to comments.