What You Should Have Done

Submitted by Guy Williams on June 3, 2020

Now that we are emerging from coronavirus lockdown, we have heard a lot of stories about downtime well used and others about binge watching TV. I admit that I did a bit of both. Some worthwhile projects were completed and some movies were binge watched.

In the Batman film, “The Dark Knight”, the Joker set up a social experiment that involved a moral dilemma. At a dramatic moment, a very large convict made the right ethical decision (I won’t spoil the movie by revealing the details in case you wish to watch the actually really good movie). When asked by a guard what he was doing, his response was, “I’m doing what you should have done 10 minutes ago.”

There is at least one thing that everyone should have done during this pandemic. You should have used this opportunity to change your passwords for your bank, investment and financial accounts and you should also have set up dual authentication on those accounts.

Dual authentication means that in accessing a sensitive account, you would need both a password and an approval from your cell phone. In this way, a hacker located overseas, and almost all of them are overseas, could not access your account unless they had both your cell phone and your password.

For bank and investment accounts, it is recommended to create complex lengthy passwords that include both symbols, numbers and upper-and lower-case letters. Examples are dontforgetwho$takinyUhome2night, Thereare50way$2leave and whereya@my504?.

You are looking for a password with length and complexity as well as something that you won’t actually write down but instead record a clue such as Michael Bublé anthem, Paul Simon escape song or Chalmette greeting to remind you of the password.

This seems like a lot of trouble, but bankers are seeing more and more sophisticated hacking attempts. I think that the hackers must have also been quarantined and are spending their time trying to break into bank accounts.

For websites that do not contain financial assets or sensitive information, you should still update to newer and more complex passwords. Also, be especially mindful of social media accounts such as Facebook that may not involve financial issues but could be very embarrassing and annoying to recreate if your passwords were stolen.

Another option is to use a password management app to create unique passwords. These work very well until the password app is hacked. On balance, we think that the risk of the password management app being hacked is less than the risk of one of your many online apps being hacked. So, we still recommend password management apps.

The hacking danger is not that you will give away your password, although some people do just that, but instead a company that you do business will be hacked and your passwords and personal information will then be sold on the dark web. Recent big data breeches occurred at Marriott International, Equifax, LinkedIn, Arby’s Restaurant Group and Adobe. If you used any of those apps, and almost everyone is in the Equifax data base, you should update your passwords.

So, it’s time, welcome to the new normal and do what you should have done – update your passwords.