Learn 6 important ways to stop hackers from jacking your finances

secure your money from hackers

Last week, hundreds of countries suffered “ransomware” attacks by a group of unknown hackers. Countless corporations and users were directly targeted, with their information made inaccessible through a sophisticated cyberattack. As media analysts predicted, this attack will likely be the first of many widespread hacking attacks to come.

Despite the fact that getting your computer or phone hacked might seem inevitable, it’s actually quite the opposite. By taking cautionary security measures, you can prevent your data and finances from ending up in someone else’s hands. You just need to follow these six simple steps and you’ll be on your way to having your own virtual Fort Knox in no time.

1. Don’t use crappy passwords.

If you have a bad or easily-guessable password, hackers could easily figure it out in a second. Every password should have at least one number, one special character ($, ?, !, *, etc.), and a combination of upper- and lower-case letters.

Instead of thinking of passwords as passwords, think of them as passphrases. For instance, Yarn?718 is a rather simple, short, and easily guessable password. YarnClockFireFridge718? is longer and much harder to guess. The more random and nonsensical your password is, the better.

When you create a password, avoid using the following:

  • The word password.
  • “123” or any sequential numbers.
  • Your name.
  • Anything anyone can easily guess.

For a good idea of how to create a strong password, check out this timeless XKCD comic:

XKCD | Creative Commons Attribution-NonCommercial 2.5 License

2. Don’t use the same password for everything (duh.)

So you made a secure password. Congratulations! Now you feel like you want to use that password for everything, given how secure it is. Boy, are you wrong!

If you use the same password for everything and hackers figure out that password for one site, chances are they’ll have access to all other logins on all other sites. After all, if your email is tied to every account you have and your password is the same everywhere, hackers could reuse they email and password combination over and over again.

“But remembering different, hard-to-remember passwords takes effort,” you’re probably saying to yourself right now. Sure, you could write it down on a piece of paper. If that paper falls into the wrong hands, you’re screwed. Fortunately, there’s a much easier solution.

3. Use a password manager.

Flickr/Sean MacEntee

If you have an iPhone or an Android device, congrats. You have access to a password manager. This helpful piece of software is built into most modern web browsers and, as you’ve already guessed, lets you store and manage passwords. This way, you can have different passwords for everything without having to remember any of them. You simply need to remember the password for your password manager.

Using a password manager is easy as pie. Depending on what software you use, you could use the built-in password manager for Apple devices or Google-made software. There are also other free-ish password managing solutions, like 1Password and LastPass, that remember and sync your passwords across all devices. These solutions sometimes cost a subscription per year (often around $5 a month), though not having to remember your passwords and keeping your data secure is worth it.

4. Two-factor authentication is your friend.


Two-factor authentication is like having a password for your password. It’s an extra several-digit number that changes every 30 seconds or so, and only you have access to it. Many financial sites and services use two-factor authentication to give your account that extra layer of security. This way, if hackers have your password, they won’t have your two-factor password (unless, of course, they physically have your phone).

There are two easy ways to implement two-factor authentication: through an app or through text. If you want to be super-secure, you can download an app like Google Authenticator and rely on that app to get your two-factor password. Otherwise, your two-factor information will be sent via SMS, which is slightly less secure, but still more secure than not having it in the first place.

If you want to implement two-factor authentication in your finance apps — which you totally should — consult the HELP section of each site and service to learn how. You can also visit Two Factor Auth to learn more about this important security measure.

5. Use a “secure line” for the internet.

Fun fact: the HTTP in the http:// address of a website means you’re probably on an unsecured website. While this doesn’t mean you’re going to be hacked or fed awful malware (we don’t use HTTP yet, and we’re totes secure), you also shouldn’t put any sensitive or important information on that site. If the site shows HTTPS instead of HTTP, it means the site is secure and okay to input sensitive information, like passwords and such.

Pretty much every finance site uses HTTPS these days, as do many popular sites on the internet. To be extra sure that you’re using HTTPS all the time, consider downloading HTTPS Everywhere, a browser plugin that does exactly what it says. If you want to go the extra mile, consider switching your browser to Brave, a secure browser that goes hard on HTTPS and security measures.

6. Update, update, update!

Whenever there’s an update to your phone, computer, or finance app, download and install it immediately. These updates almost always fix recently discovered bugs and issues that could leave your data in harm’s way. By keeping up-to-date on software and firmware updates, you’ll guarantee yourself the latest and greatest protection against virtual threats.

Using any of these security measures makes it a lot harder for hackers to access your sensitive financial information. Using all of them combined makes it downright impossible. By using unique, secure passwords, updated software, and advanced security measures like two-factor authentication and HTTPS, you can keep your stocks, bank accounts, and all financial information away from even the most expert hacker.