Tax professionals should remember to use strong passwords on their accounts. This will help protect their clients’ data from cyberthieves.
Cybersecurity experts’ recommendations on what constitutes a strong password has recently changed. Here are some of the latest tips for tax professionals to follow when creating passwords to help keep data secure. They should:
- Opt for a multi-factor authentication process when available. Many email providers now offer customers two-factor authentication protections to access email accounts.
- Use word phrases that are easy to remember rather than random letters, characters and numbers that are harder to remember. By using a phrase, preparers don’t have to write down the password, which exposes it to more risk.
- Use strong, unique passwords for all accounts, whether it’s to access a device, tax software products, cloud storage, wireless networks or encryption technology.
- Use a minimum of eight characters; longer is better.
- Use a combination of letters, numbers and symbols; something like SomethingYouCanRemember@30!
- Avoid personal information or common passwords.
- Change default and temporary passwords that come with accounts or devices.
- Not reuse passwords. For example, changing Bgood!17 to Bgood!18 is not good enough.
- Not use email addresses as usernames.
- Store any password list in a secure location, such as a safe or locked file cabinet.
- Not disclose passwords to anyone for any reason.
- Use a password manager program to track passwords, but protect it with a strong password.
The IRS and its partners in the Security Summit are reminding preparers about the importance of strong passwords as part of the Tax Security 101 awareness initiative. This is intended to provide tax professionals with the basic information they need to better protect taxpayer data and to help prevent the filing of fraudulent tax returns.