Social Media Adviser

8 tips for keeping your passwords safe on social media, the web and in apps

If you're like millions of Americans, it could be a matter of when, not if, someone gains access to your accounts

Apr 24, 2017 @ 10:16 am

By Scott Kleinberg

First you log into your favorite social media platforms, then you give careful thought to what you want to share. Hopefully you check spelling and grammar, and make every post count.

But how much thought do you give when you are logging in, specifically, when you're typing in your passwords? How secure are they? My well-educated guess is not secure enough. If they contain your birthdate or significant other's name they might even be dangerously unsecure.

The last thing you ever want is for someone to gain access to your accounts, and that goes for social media and anything else you do online. But if you're like millions of Americans, that could be a matter of when, not if.

For the past several years, SplashData, a leading provider of security applications and services, has released its list of worst passwords. The number one and number two worst passwords in 2014, 2015 and 2016 were "123456" and "password." Let's be clear: Those aren't passwords. Those are dreams for hackers and identity thieves. And that's how people are securing their most important content.

The rest of the list of 25 is just as painful to read, so I'll spare you. (Football? Welcome? REALLY?) But take it from someone who has spent years securing accounts for major brands when I say it's important to have secure passwords and a plan for keeping them that way.

As financial advisers, you spend so much time making sure your clients heed your valuable advice. With that, I'd like to return the favor with my top tips for keeping your content and data safe for social media, on the web and in apps.

• It's not about convenience.

Good, secure passwords shouldn't be easy to remember. If your LinkedIn account gets hacked, I'll bet you a cup of coffee — the expensive kind — that you'll spend more time trying to get the problem resolved than you would have if you would have taken a few minutes to come up with a strong password in the first place.

• Always keep your browser up to date.

The latest ones not only offer to choose a random secure password for you, they'll store it in your computer's keychain so you don't have to type it every time.

• Or go the DIY route: Google the words "strong random password generator."

Results will include several websites that will choose a password for you. You can choose the strength and number of characters. There are different schools of thought on how much is too much, but I recommend at least 16 characters consisting of a mix of upper and lowercase letters, numbers and symbols. Most of these websites explain that anything 16 characters and more is strong, while 15 or fewer is weak.

• Your passwords are valuable, so treat them that way.

I recommend a locked/secure spreadsheet online. I once met someone who kept a handwritten list in a safe deposit box. Both very smart.

• Never use the same password for multiple websites.

Your LinkedIn password should not be the same or close to the password you use to log into your credit card accounts. Remember: Easy isn't the goal here. Put it this way: If you use the same password for 25 websites and someone guesses it, 25 websites have the potential to be compromised. It doesn't mean it will happen, but do you really want to take that chance?

• Use two-factor authentication or multi-level protection.

You know those sites that text to your phone a code that you need to enter before you can log in? That's for your own good and an excellent way to keep prying eyes out. If you deal with websites that offer this level of protection, take full advantage.

• Consider a password manager.

There are many software options available to help you store and organize passwords. The beauty of a good password manager is the passwords are encrypted under one main very strong password. So instead of logging in to each thing, there's just one.

• You should still change your passwords — even secure ones.

Nothing is worse than 123456 or qwerty, but never changing your passwords isn't wise either. My rule of thumb is to change passwords every year. Some prefer to do it twice a year when Daylight Saving Time begins and ends. Change the batteries in your smoke detector, change your passwords. Just make sure you remember to update your spreadsheet/lists.

You can accomplish all this in about 15 minutes. If we can spare 15 minutes to save money on our car insurance, surely we can spare 15 minutes to secure our digital footprint. And while you may never be a victim of hacking or identity theft or even a suspicious login attempt, do you really want to take that chance when the solution is this simple?

If you have a social media question or an idea for a column topic, or if you have thoughts about this column or any previous ones, please let me know. Tweet them to me with the hashtag #socialmediaadviser or email me at

And remember to follow me on Twitter at @scottkleinberg.

Thanks for reading Social Media Adviser.


What do you think?

View comments

Upcoming event

Jul 09


Boston Women Adviser Summit

The InvestmentNews Women Adviser Summit, a one-day workshop now held in six cities due to popular demand, is uniquely designed for the sophisticated female adviser who wants to take her personal and professional self to the next level.... Learn more

Most watched


Young professionals see lots of opportunity to reinvent the advice experience

Members of the 2019 InvestmentNews class of 40 Under 40 have strategies to overcome the challenges of being young in a mature industry.


Young advisers envision a radically different business in five years

Fintech and sustainable investing are two factors being watched closely by some of the 2019 class of InvestmentNews' 40 Under 40.

Latest news & opinion

Wall Street lashes out at Sanders' plan to pay off student debt with a securities trading tax

Financial pros argue that a transaction levy will hurt mom-and-pop investors along with investment houses.

GPB paid B-Ds and reps steep commissions to sell troubled private placements

GPB paid commissions of 9.3%, or $167 million altogether, on the firm's private placements.

Give us a break, active managers say

Seven portfolio managers share their outlooks for the rest of the year, generally agreeing that it's been hard for active managers to stand out.

GPB Capital reports decline in value of two biggest funds

One has dropped by 25.4% and the other by 39%, according to the company.

6 ways Social Security will change in 2020

As the enormous baby boomer generation continues to march toward retirement, they are straining the resources of Social Security. Here are six ways that the nation’s primary retirement income program will change in 2020.


Hi! Glad you're here and we hope you like all the great work we do here at InvestmentNews. But what we do is expensive and is funded in part by our sponsors. So won't you show our sponsors a little love by whitelisting It'll help us continue to serve you.

Yes, show me how to whitelist

Ad blocker detected. Please whitelist us or give premium a try.


Subscribe and Save 60%

Premium Access
Print + Digital

Learn more
Subscribe to Print