Cyber security thieves are growing ever-more sophisticated, and it means that all of us need to be more diligent with protecting our digital or online information.
Registered Investment Advisers utilize the interface run by the FINRA (Financial Industry Regulatory Authority) for our regulatory reporting. Like all cloud or internet based, services, usernames and passwords are required to utilize the site and passwords need to be updated on a regular basis. Like many sites, Finra has adopted minimum standards in terms of character length and the inclusion of multiple character types within the password. Finra goes one step further in that the site also maintains a lengthy “Prohibited List” of words that cannot be included in the password on their site. Here are a few humorous takeaways that I gathered from the list:
- Passwords that include the names of popular pro sports teams are prohibited, including COWBOYS, GIANTS, LAKERS, YANKEES, REDSOX, or PACKERS. However, you can use less popular teams like MARLINS, CLIPPERS, or LIONS.
- BEER, BRANDY & COFFEE are prohibited, but WINE, VODKA, TEA and WATER are permitted (Good news- CARRYINS are allowed!)
- PEPSI is OK, but you can’t have COCACOLA
- You can use NICE, but not NAUGHTY.
- They permit BRUNETTEs and REDHEADS, but not BLONDES.
- You can’t get LUCKY, have MONEY, or reach for the STARS. You are not allowed to have DREAMS. You can use GOOD but not GREAT. You cannot have SUCCESS, but you are able to grab FAILURE.
- You can have a BURGER but no CHEESE. SALT, but no PEPPER. BREAD, but no BUTTER.
- You cannot have a BABY, but you can have KIDS.
- DRIVING and RACING are prohibited, as are MERCEDES, FERRARI, PORCHE, CHEVY, FORD, CORVETTE and MUSTANG. TOYOTA, NISSAN, VOLVO and BMW are OK.
- DANCING is permitted, but MUSIC is not allowed.
Seriously, please keep your data safe with good password hygiene using these tips:
- Use different passwords for every account or online profile
- Use passwords of at least 12 or more characters (more is always better)
- Do not use birthdays, names of children, pets or other personal information that people might be able to glean from your online social media accounts
- Always use four different character types (upper case, lower case, numerical and special) when creating a password
- If you are not sure, use a password checker tool to test the strength of a password
- If you cannot get creative, use a random password generator
- Always use multi-factor authentication when its available
- Use a password manager with strong encryption- do no store passwords in a file on your device
Authored by Tim Landolt, Director of Institutional Services