Online security is one of the major priorities in businesses today. Especially with us in the financial planning industry, this is crucial in protecting our processes since most of the data (if not all) we’re dealing with are confidential.

Passwords are one common way to lock in these important information. It’s everywhere—from mobile phone apps to bank accounts to e-mails and other forms of communication—that sometimes it’s too hard to keep track of them all. Can you even count how many password-protected accounts you have created since the time you signed up for your first e-mail address?

It certainly is a hassle trying to remember all the unique passwords you have created. In VBP, we use a password manager called LastPass. It’s a “vault” that stores all our account usernames and passwords for different websites and platforms. It keeps everything in one place.

What we should stop doing

Admit it or not, we are all guilty of having poor practices in managing passwords. One of which is using weak passwords which makes it so easy for hackers to guess correctly with simple password-cracking tools. We are also guilty of re-using passwords. Using the same password across different accounts is something a lot of people continue to do.

Another common habit is having a master list or sheet of login usernames and passwords that is shared to everyone, and even writing them down in sticky notes in the desktop. The list could go on but for us who are in the financial planning industry, prioritising password protection management is a sure means to stay away from technical hitches.

Why we use LastPass

Using a tool like LastPass saves us time from remembering and manually listing down all our passwords. It also helps us to avoid the poor habits in password management. We use LastPass for the following reasons:

  1. It allows us to share our username and password (and even in groups) when necessary, without exposing the actual codes and pins. When there are changes in passwords, it automatically updates the shared ones.
  2. It is IP restricted which means that the staff can only use their LastPass accounts from the office internet connection.
  3. The client is in full control, they can revoke access and sharing anytime.
  4. Bulletproofing against phishing attacks and keyloggers.
  5. It has layers upon layers of protection in place to secure your data. Everything stored in LastPass are encrypted with a master key that only you have access to. To further protect this, they also have multifactor authentication and anytime someone logs in from a new device or location, you will be notified for verification.