How to keep your financial accounts safe?

C40
Posts: 2748
Joined: Thu Feb 17, 2011 4:30 am

How to keep your financial accounts safe?

Post by C40 »

In the world of brokerage accounts, bank accounts, etc.: what should we do to ensure we are protecting that money from problems related to the account, login info, the data security of the brokerage/bank themselves, etc.?

I have thoughts on this myself, but I'm curious what strategies you recommend, and what resources you recommend reading/following/using.

ertyu
Posts: 2893
Joined: Sun Nov 13, 2016 2:31 am

Re: How to keep your financial accounts safe?

Post by ertyu »

While I haven't implemented these yet, I've been thinking about this also, which is why I asked if anyone was registering their shares. Dumb as it is, I think the safest option these days is almost a pen-and-paper password storage system. I find it difficult to manage the increasing amount of passwords required. I've also thought about having a dedicated device for financial matters only, maybe an older laptop that's been wiped clean, to minimize the chance of spyware etc. Running Linux too, maybe.

I can't help but think though that as I age, any insecurity to my accounts would be due primarily to the human factor / cognitive decline.

Scott 2
Posts: 2824
Joined: Sun Feb 12, 2012 10:34 pm

Re: How to keep your financial accounts safe?

Post by Scott 2 »

Other than using established, regulated financial institutions, I haven't done much to protect from failure of the US banking system. If it truly collapses, I'm not surviving the subsequent chaos anyways.

Otherwise - I run a password manager, using the provided security audit tools. I also enable two factor authentication whenever possible, using a physical security token. These are measures my wife can also follow. We keep our credit frozen and monitor our accounts. Getting at our assets requires more time than the monitoring interval on our accounts. One reason I prefer mutual funds over ETFs. It's annoying, but security tends to be.

Besides the typical spam and phishing attacks, I find credit cards to be the biggest weakness. Every couple of years one is compromised. We've typically learned about it within the day. The banks have always made us whole. Maybe worth saying, we don't use debit card transactions. The protections aren't as good.

I worked with a guy who insisted upon banking from his ultra secure pen drive Linux instance. IMO, that's overkill. Much more likely someone falls prey to a social engineering attack, especially as they age. I think that's one of the strongest arguments for considering an annuity, as one's mental faculties begin to fade. There's no chance he's running that pen drive Linux at 90.

Sclass
Posts: 2791
Joined: Tue Jul 10, 2012 5:15 pm
Location: Orange County, CA

Re: How to keep your financial accounts safe?

Post by Sclass »

This is really an important question. I’m going to discuss it in some general terms.

I silo my stuff. Separate accounts, credit cards, physical mail, paperless into a multitude of small silos. Eventually we’ll be attacked. I seek to limit the loss rather than eliminate all possibility of loss.

I stay away from systems where one key unlocks everything.

bostonimproper
Posts: 581
Joined: Sun Jul 01, 2018 11:45 am

Re: How to keep your financial accounts safe?

Post by bostonimproper »

It really depends on what risk you are trying to address.

In terms of general data security and account safety: Turn on two-factor authentication for everything; don’t use SMS for your second mode of authentication. YubiKey as your second mode of auth is the most secure if it’s an option, since it requires it being physically on your person. Use different passwords for different accounts—the best way for most people would be to use a password manager like 1Password, LastPass, etc. Memorize the passwords for your password manager and primary email address, stick everything else in the password manager.

If you’re worried about the bank itself having some sort of clerical error, save monthly statements and monitor on a regular basis.

If you’re worried about bank or government seizure of assets, well, go where there isn’t some sort of sovereign dominion (blockchain, etc.).

Sclass
Posts: 2791
Joined: Tue Jul 10, 2012 5:15 pm
Location: Orange County, CA

Re: How to keep your financial accounts safe?

Post by Sclass »

bostonimproper wrote (Sat Nov 26, 2022 10:37 am):
"It really depends on what risk you are trying to address."

Good point. I like Scott’s suggestions for this reason. Credit cards are the low-hanging fruit that seems to be the majority of the problems. I lower my credit limits and use one card for most of my day-to-day transactions. If they get me, how much can they really take? Nothing worth losing sleep over.

Using paper passwords exchanges one set of problems for another. My old sys ad at the university always warned us “if you want to keep a secret don’t put it on a computer.” But then what if you’re burglarized? Or you have a nosey Tinder date?

Real world?

Right now there is a disturbing trend in our area where mailboxes in luxury condos are being pilfered en masse. They caught a guy two months ago. On searching his home they found meticulously constructed files and profiles of thirty individuals from our area. He’d been working on it for months. These are the long gamers looking for the big fish. Rare.

There is the phishing idiot trying to get me to divulge my Amazon account info for iTunes cards or tax relief payments. Common.

There are the roving salesmen selling my late mom major home repair services going into the tens of thousands. It was a huge problem when she started spinning out with dementia.

Mail theft and check washing are really common in my town. Automated payments exchanged one set of problems for another, but given the check washing outbreak here, I’m going to merge my remaining paper bills to auto payment from my credit card. I have a few holdouts who want paper checks mailed in.

There’s the burglar who steals a computer or mobile device. This is common but I suspect the phones are just wiped and resold. Encrypt and use biometrics.

Makes sense to Pareto the risks and build your defenses appropriately. I worry about my network traffic, but if somebody is smart enough to snoop my packets and get around two-factor authentication, I’m probably done in. They deserve the pay because they’d probably be doing better selling their skills legitimately. :lol: That’s where the siloing comes in.

Chris
Posts: 773
Joined: Thu Jul 22, 2010 2:44 pm

Re: How to keep your financial accounts safe?

Post by Chris »

There are many, many ways for people to part you from your money. A lot of good comments here so far. I'll add a few more:

1. Reduce paper statements. This helps against mailbox looting.

2. Use a dedicated email address for financial accounts only. Email account hijacking unlocks a lot of doors for thieves, since once they have access to your email, they can request password resets for other accounts. If your bank email address is different from your Amazon email address, that's one more piece of info that a thief would need to discover before attacking your bank account.

3. Use an offline password manager. Lots of people use password manager services, but I'm more comfortable holding the data myself, and not relying on a service that may disappear. There are several open source options out there. You can even just use a text file which you encrypt/decrypt with GPG. This is probably the most future-proof option, because software and operating systems will change over time.

4. Use a low-balance checking account for the ATM card you carry daily. This will help keep you from being wiped out in the event of express kidnapping.

ducknald_don
Posts: 322
Joined: Thu Dec 17, 2020 12:31 pm
Location: Oxford, UK

Re: How to keep your financial accounts safe?

Post by ducknald_don »

KeePassXC is a good open source password manager. Not quite as polished or convenient as 1Password or LastPass but no subscription and you get to keep everything local.

In terms of two-factor auth you are at the mercy of your financial institutions; here in the UK most of them use SMS for authentication. I haven't done it yet but plan to move anything financial to a dedicated number as it's fairly easy to find my main number.

Once I get old(er) and decrepit I'll let my sons handle it all.

Scott 2
Posts: 2824
Joined: Sun Feb 12, 2012 10:34 pm

Re: How to keep your financial accounts safe?

Post by Scott 2 »

One reason we favored the commercial password tools is estate planning. It doubles as the account list for our executor. I did feel better once we attached the physical two-factor auth token to it, along with our other critical accounts. Multiple tokens actually. If the security works properly, and you lose the token, the only access option is your backup token.

SMS/Text is much better than nothing, but not a great two-factor auth solution. It is vulnerable to a variety of low hanging attacks. Ability to use solely a physical security token strongly influenced our choice of bank and brokerage. Some places let you configure the physical token as an additional option, which IMO, largely defeats the purpose.

Ego
Posts: 6359
Joined: Wed Nov 23, 2011 12:42 am

Re: How to keep your financial accounts safe?

Post by Ego »

Scott 2 wrote (Mon Nov 28, 2022 9:32 am):
"SMS/Text is much better than nothing, but not a great two-factor auth solution. It is vulnerable to a variety of low hanging attacks. Ability to use solely a physical security token strongly influenced our choice of bank and brokerage. Some places let you configure the physical token as an additional option, which IMO, largely defeats the purpose."

Another option is to upgrade to Google's Advanced Protection and then use a Google Voice number for SMS verification. This has the added benefit of being useful even if you are traveling (as @C40 is) and do not have an active SIM. You can receive the SMS code on both phone and desktop. The GV account is protected with the physical token/key. I've read that it is useful to pay $20/year for a Google One account to get their priority customer service if you have a login problem.

An option for banks/brokerages that do not permit the use of physical security keys/tokens but permit authenticators that generate codes is to use the Yubico Authenticator, which requires a physical key to work.

jacob
Site Admin
Posts: 15907
Joined: Fri Jun 28, 2013 8:38 pm
Location: USA, Zone 5b, Koppen Dfa, Elev. 620ft, Walkscore 77

Re: How to keep your financial accounts safe?

Post by jacob »

C40 wrote (Fri Nov 25, 2022 9:02 pm):
"I have thoughts on this myself, but I'm curious what strategies you recommend, and what resources you recommend reading/following/using"

Many years ago, I read a book on how to be paranoid on the internet or in life in general. My conclusion was that anyone who wants to can find you and it's only a matter of the amount of resources they're willing to dedicate to it.

This begets two strategies:
1) Don't behave in a way that makes anyone want to find you. By "you" I mean whatever it is that you're concerned about whether it's financial details or political details or your actual opinion about your weird family members.
2) Behave in a way that makes it sufficiently expensive enough for anyone who wants to find you to not want to pay the price of doing so.

There's actually a third strategy I got from playing Squad Leader. Don't laugh. How to best arrange obstacles like barbed wire? Barbed wire is best arranged in a somewhat random and annoying fashion so that the enemy often but not always gets snagged. (The cost goes up.) The worst way is to build a wall. A wall only has to be penetrated one time in one place. It's the dumbest defense possible aside from having no defense at all. (Having nothing to defend is also a pretty sweet defense.) While we tend to think of ourselves as wealthy, our six/low seven fig NWs aren't of much interest to most criminals (not worth it).

WFJ
Posts: 416
Joined: Sat Apr 24, 2021 11:32 am

Re: How to keep your financial accounts safe?

Post by WFJ »

1. Two-factor identification
2. Email notification for any transaction over $100
3. Email notification for any trades, transactions, transfers.
4. Have accounts at several firms, ask rep to put some kind of "transaction/transfer warning" in the notes on accounts (nearly all systems have a place for reps to make Notes for all accounts).
5. Never access email associated with financial accounts on public Wi-Fi.
6. Lock accounts with credit reporting agencies, email notifications for credit pulls.

Credit cards are surprisingly easy to hack as it seems to happen all the time. Bank accounts, brokerage accounts, similar are more difficult to hack.

Even with the above, if someone targets you, there is almost no way to prevent some level of fraud, but the losses are almost always absorbed by the financial institution if one deploys some of the above tactics.