Free for 90 days: Sign up now and get 90 days managed free after your first deposit. See offer details


3 Steps to Improve Your Online Data Security

Betterment is likely only one of a host of apps you use online—and employing good security hygiene when you’re online is more important than ever.

Articles by Carley

By Carley Knobloch
  |  Published: January 16, 2015

Shorter passwords are easier to discover if websites or apps you use are compromised. Make sure passwords are long, random, and not related to anything personal.

Set up a secure password management system for yourself.

Don’t reuse the same password for multiple websites. If one of those websites is compromised, you’ll be protected elsewhere.

The vast majority of data compromises aren’t caused by company-wide breaches, but by something we as individuals can control—our passwords.

A 2013 study conducted by online security company Trustwave found that, out of 3 million passwords analyzed, 50% reached the barest minimum level of security.

Betterment is likely only one of a host of apps you use online—and employing good security hygiene when you’re online is more important than ever.

online data security

Know what you’re up against.

Hacker programs, such as Hashcat, work by guessing passwords very rapidly—up to 8 million per second. This is called a ‘brute force’ hack because the computer basically tries to force its way into your account.

There are four especially easy types of passwords to crack:

  1. A password that’s all numbers
  2. A password fewer than eight characters
  3. A password that contains an actual word (there’s ‘dictionary attack’ software that methodically tries only the likeliest passwords—such as all the words in a dictionary)
  4. Common letter-to-number substitutions, like 0 for O or 3 for E

If your password falls into any of those categories, it might be like using a cheap luggage lock on your front door.

Another hacker technique involves first finding out the ramifications for an acceptable password, and then plugging exactly those variables into a hacking program. Again, most people use only the bare minimum password requirements, which makes hackers’ lives much easier. Once they know that your password requires a special character and a capital letter (and an attempt to set up a new password on the website in question will tell them), they can insert those variables into their program, and then it’s just a matter of time before the program finds your combination.

Hackers have also discovered that the most common way to satisfy those requirements is by adding suffixes (used the vast majority of the time), and after that, prefixes. Even in rarer cases where the special symbols are inserted within a password, thieves know that most people use common symbol substitutions: $ for S, 1 for L, or @ for A.

And if you’re using a password that means anything to you at all, think again. Skilled hackers will sometimes do what’s called ‘spidering’: they’ll comb your social networking pages or blog to make guesses. In fact, if you can remember your password, chances are it’s easily hackable.

Note that combining words, like thisismypassword, used to be a way to outsmart hackers, but these days, those are easy to hack, too.

So now that you know what you could be up against, here’s how to lock out the hackers.

Best Practices

1. Length and randomness are your friends. A longer password takes more work to hack. When you combine letters and numbers, be sure to include both uppercase and lowercase letters, as well as special characters, because it makes a password tougher to guess. In fact, using a randomizer, like this one from Norton, will create a tough password that doesn’t follow any of the patterns that hackers expect. You can also use a password strength tester to see how your concoction measures up.

2. Storage is key. Can’t remember that password? That’s a good sign—but to make sure your new password isn’t impossible for you to access, store it in a password manager like 1Password, LastPass, or Dashlane. Not only will managers like these log in to sites for you by typing in those complex passwords, but they’ll lock them all behind one master password, making them safe from anyone snooping on your computer.

3. Abbreviate a sentence. If you’d still prefer a password you can remember in the moment (and don’t want to access your password manager every time you need to get into a site), another technique is to make up a sentence and abbreviate it. For instance, “My mom’s chicken and waffles are the best—in Toledo!” could become “Mm’sc&wsatb—iT!” Looks silly, but it works. (Hint: Don’t actually use that one.)

Keeping Secrets

Security questions are meant to help verify who you are if you’ve lost a password. However, it doesn’t take much more than a Google search these days to find out what city you were born in or what your first dog’s name was… and suddenly those questions aren’t very secure. Invent false answers instead—maybe your favorite pizza toppings or movies.

Good Hygiene

To keep your passwords secure, you’ll need to practice good password hygiene. That means using a new password for each website (according to this study, 73% of us don’t). Otherwise, if one is hacked, then the hacker can try it on another one of your sites, and the virtual door is open to everything you have. You’ll also want to stay updated on major breaches in the media and change your passwords often, or as necessary, to keep your data safe.

More from Betterment:

Recommended Content

View All Resources
Jon Stein on “How I Built This:” Reflecting on Our Story

Jon Stein on “How I Built This:” Reflecting on Our Story

Jon Stein joins NPR’s Guy Raz for an episode of “How I Built This” to look back at how Betterment started, what mistakes were made, and how they turned into learnings for the robo-advisor we are today.

4 Tips for Protecting Your Identity and Assets this Tax Season

4 Tips for Protecting Your Identity and Assets this Tax Season

Fraudsters and hackers often abuse trust relationships between online accounts to coerce people into sending them money. Here are four tips to help keep your money and identity safe this tax season.

Use App-Specific Passwords to Sync Accounts More Securely

Use App-Specific Passwords to Sync Accounts More Securely

It’s easy to set up app-specific passwords so that you can help safely share your Betterment data with your other financial providers.

Explore your first goal

Safety Net

This is a great place to start—an emergency fund for life's unplanned hiccups. A safety net is a conservative portfolio.


Whether it's a long way off or just around the corner, we'll help you save for the retirement you deserve.

General Investing

If you want to invest and build wealth over time, then this is the goal for you. This is an excellent goal type for unknown future needs or money you plan to pass to future generations.


Search our site

For more information and disclosures about the Betterment Resource Center, click here. | See our contributors.