Tax Accountant Password Policy Best Practices

A password policy is a set of rules designed to enhance computer and web security by encouraging users to employ strong passwords. A password policy should be part of an accounting practice policy manual. Viruses, malware and hacking are major issues facing tax and accounting professionals. Guarding client and practice data from unwanted attacks can be helped by establishing company wide standards and keeping security software up-to-date.

Here are some simple tips to establish a strong password:

  • Mix upper and lower-case letters. For example - ClientWhys website for accountants passwords are case-sensitive.
  • Use symbols like (#) or (_), and substitute letters with numerals (e.g. @lee_p2z).
  • Don't use information that is potentially available publicly. Avoid using birthdays, names of your pet, spouse, partner or children, the school you attended or your hometown.
  • Be original: 'password,' '12345678,' 'qwerty' and 'abc123' are among the most common passwords. Don't use them!
  • Change Passwords frequently, every 90-180 days. Though this can backfire if the password is easily forgotten or written down. So use common sense. 

Password policies often include advice on proper password management such as:

  • Never tell a password to anyone, including people who claim to be from customer service or security - unless you are certain of their identity like your own IT staff
  • Never write down a password
  • Never communicate a password by phone, e-mail or instant messaging
  • Log off before leaving a computer unattended
  • Change passwords whenever you think they may have been compromised

While we know this can be more frustrating to manage complex passwords, it is vital you take precautions. 

