Photo of a woman protecting her online accounts.

Worried about retirement savings security? 5 tips help protect your online accounts.

Many of us spend a lot of time online taking care of all our financial to-dos: banking, paying bills, shopping, transferring money to friends, and accessing investment and 401(k) accounts.

But how much time do you spend securing your online accounts? Unfortunately, if you’re like most, not enough: More than two out of three people rely on the same password for more than one account.1 That’s a bonus for increasingly sophisticated attempts by cybercriminals to hack into your digital life.

“If you use the same, simple password for multiple accounts, then you’re making it even easier for them,” says Meg Anderson, vice president-chief information security officer at Principal®.

You can take steps for more secure accounts online, particularly when it comes to your financial savings. And you can dig deeper with companies to ensure they have processes in place to guard your money, too. Here are five steps to get started.

1. Use two-factor authentication (2FA) or biometrics whenever you can.

Extra layers of security help; those include a passcode, fingerprint, or facial recognition (called biometrics) for your phone and apps, and 2FA (a unique login code sent to your device). (Principal offers two factor authentication for IRAs and retirement accounts.)

2. Turn your passwords into ‘passphrases.’

Passphrases are stronger than passwords; they’re simply a phrase (such as a song lyric) that is easy for you to remember, but hard for others to guess. For example, “My little blue dog has a funny nose, too!” with characters, numbers, and both upper/lower case letters becomes a passphrase: “My1itle(Blue)D0ghas^FunnyNose2#”.

Tip: You can use a strong passphrase when you open a Social Security account online. Or, watch the webinar Security check: Are you protecting your information?

What is Principal doing to help keep your retirement accounts more secure?

Principal is committed to cybersecurity best practices to help protect your online accounts. This includes:

  • requiring Principal two-factor authentication,
  • conducting ongoing testing, and
  • working closely with government agencies.

Principal is a Medal Award Winner for Cybersecurity and Privacy2 and offers a customer protection guarantee to reimburse participants of employer-sponsored retirement accounts for losses from unauthorized activity occurring through no fault of their own.3 Learn more about the steps Principal takes to protect your data.

3. Try a password safe or vault.

Apps like LastPassDashlane, and 1Password rely on a master password, and then the app’s “vault” remembers and auto-fills all passwords you enter. These apps can also generate and remember complex passwords for nearly any site.

Tip: If you’re a small business owner, these six steps can help boost your cybersecurity.

4. Protect your devices in public spaces.

This includes free internet access in coffee shops and airports. “Think twice before connecting to networks that don’t require any type of registration or access code and use them only as a last resort,” Anderson says—especially if you’re completing financial transactions or forms with personal information.

In addition:

  • Be on the lookout for “shoulder surfers” and anyone listening to conversations.
  • Physically secure your devices. Never leave them unattended.
  • Cover your camera on your laptop or mobile device.

5. Doublecheck your downloads.

Check that all apps you download are from reputable sources. And don’t click on links in emails or texts, give out login credentials, or open attachments that look suspicious—or that you’re not expecting: One out of every 99 emails is phishing.4

Tip: Take the Federal Trade Communication’s quiz to learn about how to avoid phishing scams.

“Listen to your gut if something doesn’t seem right. If your dad wouldn’t normally email you weight loss tips, chances are he’s been hacked. Don’t click—call and let him know so he can secure his account by changing his password,” Anderson says.

What if you’re hacked?

Next steps

  • How strong is your retirement account online protection? You can update your password at any time. If you have two-factor authentication enabled, when you log in, you’ll be prompted to enter a one-time code that’s sent to your mobile device. If you don’t have this enabled, check settings to add it. Log in today to get started.

1 Security.org

2 Financial Advisor IQ Service Awards, September 2021

3 Employer-sponsored retirement plans are defined benefit or defined contribution. The guarantee applies to employer sponsored defined benefit, ESOP or defined contribution plans and is effective for unauthorized activity that occurs through no fault of your own. Exclusions to the policy may apply. https://www.principal.com/customer-protection-guarantee

4 DarkReading

LastPassDashlane, and 1Password are not affiliates of any member company of the Principal Financial Group®.

This communication is intended to be educational in nature and is not intended to be taken as a recommendation.