Safeguarding Your Digital Assets: What You Need to Know
In a typical day, you might log into your bank account to check your balance, order groceries online for pick-up after work, sign into your computer – and then into a specific software program to finish a report, log into email, and post on social media – and sign into Netflix after dinner to watch a show. In each of these activities, you are using a digital asset – something that has value not just to you, but potentially to others, including criminals.
The average individual may have dozens of digital assets without even realizing it. The term refers to any online login or file that you control, which could be anything from Bitcoin to your medical records, or even your Tik Tok account. These are items that you should protect in life and include as part of your estate plan.
The Revised Uniform Fiduciary Access to Digital Assets Act, enacted or introduced in all but three states, governs access to your online accounts if you die or lose the ability to manage the account. The Act extends the power of a fiduciary, such as the executor of your estate, to include management of your digital assets. However, it may be impossible for your executor to access your digital assets without your login information. Here are some ways to protect your assets now and make them available safely to the right individuals when you die.
1 – Take Inventory.
If you haven’t already done so, start by making a list of all your online accounts, along with their user names, passwords, PINs, and two-factor authentication information. An easy way to do this is on your computer, of course, and if you do, be sure to password-protect the file. (You may use spreadsheet software to create your list, or a password manager.) Print a copy of this list and keep it in a secure location, such as a safe or locked file cabinet. Each time you add or close an online account, you’ll need to update the information in both places. Ensure that the executor of your estate plan, or another trusted loved one, knows how to access the information if something were to happen to you.
Trying to remember what types of digital assets you have? You might start with categories, such as devices (computers, tablets, smartphones, X-Box, Play Station, etc.), email accounts, financial accounts (banks, virtual currency, such as Bitcoin, credit cards, mortgage lender, credit agencies, etc.), software accounts (like Microsoft, Adobe, Google, Apple, websites you own or manage, etc.), medical accounts (patient portals, etc.), social media accounts, entertainment (such as Netflix, Spotify, cable, HBOMax, Amazon Prime, etc.), shopping accounts (Amazon, grocery stores, favorite clothing stores, restaurants, Grubhub, UberEats, etc.), books (library, Audible, Apple books, etc.), apps (fitness, travel, gaming, etc.), reward programs (airline, credit card rewards, retail loyalty programs), and services (auto repair, fitness subscriptions, newspapers, etc.). You didn’t realize you had so many kinds of accounts, did you?
2 – Use strong, separate passwords.
One of the dangers of having an easy-to-remember password and using it with slight variations is that it might not withstand a brute force attack – one in which the attacker keeps trying variations of the password in hopes of guessing the correct one. According to CNET, longer passwords are better, with at least 16 characters including letters, numbers and symbols. Don’t use the same password for multiple accounts, and change your passwords often.
Curious to know if your passwords have already been stolen? Believe it or not, there are ways to check! Try using Mozilla’s Firefox Monitor, Google’s Password Checkup, or Pwned Passwords to learn if you’ve been compromised. If you find that any of your passwords have been exposed, you may want to consider locking your credit or using a credit monitoring service until you’re sure no one has accessed your accounts.
Consider using two-factor authentication (2FA) if you don’t use it already.
Two-factor authentication provides an extra layer of protection against hackers. After entering your username and password to log into your account, you can receive a code via call or text to finish logging in. The two factors are your password and the code. While this extra step may seem inconvenient, it far outweighs the inconvenience of an account breach!
Managing your digital assets now is important, but maintaining the information and providing access to a trusted family member, executor, or agent will also be critical at the end of your life. Don’t wait to start until it’s too late.