Here are a few things that all of us here at Financial Architects do personally that we think many (most?) people probably don’t:
- Freeze your credit. At a minimum you should check your credit reports every year or so to make sure nothing is awry, but we think it is worth going to the next level and actually freezing your credit. Here’s how.
- Use a password manager. At a minimum you should be using strong passwords and not reusing them between sites. That’s pretty difficult do without using a password manager. Here’s a list of the top ones. In addition, for key sites such as financial institutions, we use two-factor authentication.
- Use a VPN. When out of your secure environment (your office, home, etc.) it is best to use a VPN when connecting to an unknown WiFi network. This risk has been decreasing as most sites now use secure connections (“https” rather than the old “http”). More here.
- Install updates. Always keep current versions of software not only on your phones and computers, but also on your routers and other internet connected devices (there are a lot these days). The updates include patches that fix security issues that have been uncovered. If you don’t update your software you are undoubtedly using tools with known security issues. More here.
- Wipe electronic devices before donating or discarding. It is amazing how many people and organizations donate or discard computers and phones with personal information still on them.
- Call organizations back on a public number. It is almost always a good idea to turn an incoming call into an outgoing call. When you get a call from “your bank” or “the IRS” the easiest way to know it is legitimate is to get the person’s name and extension and call them back on a number that you know is legitimate. In other words, don’t get the number from the caller!
There are many, many other things you could do but those six are those that we do ourselves yet we think most people don’t do. (I.e., you know to shred things by now so that isn’t on the list, and using disposable or multiple email addresses for security seems like overkill so we don’t do that.)