FREE NEWSLETTER

Nothing to Chance

John Yeigh

MY WIFE AND I TAKE some over-the-top precautions to protect our financial accounts. Why? After 40 years of working, our life’s savings boil down to digits stored on computers. No one anymore holds stock and bond certificates, stuffs money in mattresses or buries gold in the backyard. The integrity of those digits is all important.

Here are our 11 strategies—which go way beyond the normal account and password protection recommendations:

  1. We only deal with major institutions. Several friends have their retirement funds invested through small, boutique wealth advisors. I know of one advisor who operates on his own out of his house. These small advisory firms likely provide great service. But to me, they seem ripe for mischief. Bernie Madoff is just one of many rogue investment advisors who have gone astray with Ponzi schemes or excessive commissions.
  2. We maintain 13 financial accounts split up among eight institutions—unlike many friends, who have consolidated all assets into one huge account. Just like portfolio diversification, we feel institutional diversification lowers risk, by reducing the fallout from a cyberattack or other issues with any single institution, while also marginally broadening our investment choices.
  3. We separate our investment accounts from our daily cash management and banking accounts. Except for occasional cash transfers from two investment accounts, these various accounts aren’t linked. The low interest rates of recent years minimize the penalty for maintaining larger bank cash balances.
  4. For our larger investment accounts, we utilize two-factor authentication, and also must painstakingly locate and input cumbersome passwords for each log in. We almost never save investment account passwords on any device. We don’t use any password manager or other lockable software, and we don’t maintain a spreadsheet with a list of passwords. We also feel “the cloud” isn’t our friend when it comes to protecting financial and other information.
  5. Likewise, we don’t use account aggregation services or download financial data to budgeting, tax or other software. Instead, we manually update our gross assets—our balance sheet—and our budget every six months. This ensures our accounts remain segregated and discrete. We also feel semi-annual updates are sufficient to allow us to tweak estimated tax payments and rebalance our investments. Unlike many friends, we don’t spend much time sweating daily, monthly or quarterly changes in the markets or our accounts.
  6. We have some retirement accounts that we never access digitally, so there’s no username and password to be stolen. The investment selections for these accounts are in a set-it-and-forget-it mode.
  7. We never access investment accounts from our phones, a notebook computer or some other portable device. Never, ever. Most friends trade stocks, review balances, move money and complete other financial transactions with ease from their cellphone anywhere in the world. We know our approach is old school. But with a conservative and diversified portfolio, we never feel compelled to take prompt investment action. In an emergency, we could always call our financial institutions.
  8. We only use one device to access the larger accounts, which is locked up when traveling.
  9. Like most folks, we probably do not change passwords frequently enough, especially as our logon routines are so cumbersome. The good news is, we don’t have to sync new passwords on multiple devices.
  10. We regularly download account statements, but these aren’t readily found in the event of a house break-in. Retaining these backups could prove invaluable, should any institution have problems with its own records.
  11. We have advised our kids about the location of our accounts and passwords.

John Yeigh is an engineer with an MBA in finance. He retired in 2017 after 40 years in the oil industry, where he helped negotiate financial details for multi-billion-dollar international projects.  His previous articles include Hers, His and OursUnloaded and Getting Schooled.

Do you enjoy HumbleDollar? Please support our work with a donation. Want to receive daily email alerts about new articles? Click here. How about getting our weekly newsletter? Sign up now.

Browse Articles

Subscribe
Notify of
11 Comments
Inline Feedbacks
View all comments
james mcglynn
james mcglynn
2 years ago

The unique passwords etc. are a royal pain the bane of all this-but necessary for now. Have you added a VPN for another layer of security? Also (borrowed from a book I read recently) recently created a separate email account exclusively for financial accounts. Segregated from personal accounts-and spam! Makes it easier to monitor without wading through junk. Also makes it easier upon death to show offspring where everything is. Here is the ONE account to monitor. Great tips.

John Yeigh
John Yeigh
2 years ago
Reply to  james mcglynn

We have considered an exclusive financial email account, but we haven’t quite gone there yet. We do have a family email account (all online transactions and plenty of junk emails/phishing) which is separate from personal email accounts (not much junk). Fortunately, Apple, Google and Microsoft all continue to improve their junk mail sorting. The importance of solid email account protection is that password resets often are allowed via email.

medhat
medhat
2 years ago

We do about 70% of this, much of it by accident, as work has 2-4 separate accounts alone, plus another 6-8+ various investment/retirement accounts (and that’s after consolidation!). A digital kind of attack would undoubtedly affect everyone significantly, including us, but I view it as a consequence of the digital age. I’d keep more on paper but my wife isn’t game (too much clutter). Security is a prevalent issue, I agree.

John Yeigh
John Yeigh
2 years ago
Reply to  medhat

The 13 accounts already include some consolidation from life’s accumulations (jobs, inheritance, kids), and we are considering a bit more. I think 3-4 institutions might be our eventual minimum unlike a couple friends who have consolidated to one all-encompassing instituition, but even those consolidations include separate joint, spousal and IRA accounts.

parkslope
parkslope
2 years ago

While it is important to have unique passwords for each account, you really don’t need to change your password unless there is a reason to believe that there has been a security breach. Changing passwords frequently may be counterproductive if it makes you more likely to rely on simple and easy to remember passwords.
https://blog.lastpass.com/2018/08/often-change-password.html/

David J. Kupstas
David J. Kupstas
2 years ago
Reply to  parkslope

A lot of places FORCE you to change passwords every quarter or every six months. I hate it. What’s funny is a lot of these websites are things I access for work, and I couldn’t care less if someone hacked into my login because I have no trading authority or there’s nothing confidential there for anyone to see.

David Powell
David Powell
2 years ago

In the event of a massive hack, I’d expect SIPC coverage to kick in: https://www.sipc.org/for-investors/investors-with-multiple-accounts

No security solution offers 100% confidence of perfect protection, but using 2FA with hardware keys like YubiKey 5 is as close as individual investors can come to that today.

Pravin Mittal
Pravin Mittal
2 years ago
Reply to  David Powell

Yes, I would highly recommend to read article by David on this topic on humble dollar- https://humbledollar.com/2019/02/playing-defense/

Langston Holland
Langston Holland
2 years ago

Very helpful thoughts, thanks John. It is scary thinking about conditions that could produce another Lehman Brothers type bankruptcy or Bear Stearns and Merrill Lynch near misses during the housing crash. Thus it makes sense to segregate investments across accounts and larger brokerages as another form of diversification and as a way to maximize SIPC coverages.

One thing that may not be appreciated by many is the Oct 2016 SEC money market rule to “protect” retail investors. This allows brokerages to charge up to 2% for withdrawals or even refuse withdrawals altogether for up to 10 business days (per 90 day period) during market runs. As an example; Vanguard’s Prime Money Market fund I’ve used for decades comes under this new rule, while Vanguard’s government money market funds do not.

Maybe some cash buried in your back yard in a PVC pipe isn’t so crazy after all. 🙂

John Yeigh
John Yeigh
2 years ago

Does having some nickels,dimes and quarters in our penny jar count as having cash? If so, we’re good……

CJ
CJ
2 years ago

Good article. I think about this a lot too and the fear of what could happen. But my biggest worry about setting up anything too complex is the aspect of aging.

Even without dementia issues, cognition naturally slows in most people. Especially for those who are child-free, too much financial/investment account complexity can create different, but equally serious problems, vs paring down to a simpler, more manageable setup they can handle in the latter phases of retirement.

For some, maybe the answer is to maintain a few bank accounts w/smaller amounts in each, since those are much simpler/straightfwd, but consolidating equity/bonds in one place or maybe converting some of the latter to fixed annuities.

Free Newsletter

SHARE