Protect your junk, and your identity. Do these two things:

Have you ever been hacked? Ever had your I.D. used by someone else?

A couple years ago, a friend tried to file her tax return, and was shocked by a rejection from the IRS. Someone else had already collected a refund, using her personal information. This spring, same thing happened to one of my husband’s partners, and last week, to another friend.

All anyone needs to file a tax return is a name, birthdate and Social Security number, and as more company databases get hacked, that information becomes available to more thieves. This year, the IRS anticipates a potential $20 billion dollar loss to refund fraud.

Image courtesy of Christopher Dombres, via

The problem stems from many sources, including under-funded enforcement, and timing which allows refunds to be paid before employers have forwarded updated information.

Just because it happens a lot, doesn’t mean it’s any easier to straighten things out. Re-establishing your identity is a pain.

Take these two steps to protect yourself:

1. Don’t give your Social Security number to anyone other than the I.R.S. For most of us, that cat’s already out of the bag. In the good old days, many of us gave our SSN out all over the place. My college for instance, used to require it for identification at registration. What’s done is done, but from here on out, protect your SSN.

All kinds of businesses ask for Social Security numbers, including department store credit card companies, doctors and dentists. If your doctor gives you a form that asks for yours, leave the space blank. He or she will still take you as a patient. When applying for a job, only reveal the last four digits of your SSN, unless you are dealing directly with the I.R.S.

Job Application-SSN

A Social Security number is not general I.D. It’s for you and the IRS, and no one else.

2.Juice up your password system.

Courtesy of fixed gear, via

Password laxity is stunningly common. Don’t be lazy.

  • Choose good passwords (see my previous blog post on the best passwords ever).
  • Keep track of yours, and establish a safe place to keep them.
  • Do not use the same password, or a close variant, to access a dozen different websites.

A password app can make management much easier. These encrypt and store all of your data, are easily searchable and blind copy/paste i.d. and passwords to websites, so you don’t have to worry about painstakingly typing in those maddening cap/smallcap/symbol/numerals. All you have to remember is the master password — which you need to change regularly.

A couple apps to try (I’m not on their payroll, but tried and liked both):

KeePass, stores everything on your computer, is free, basic, pretty easy to use and set up, and while designed for Microsoft Windows, has a version that works on Mac OSX.

Dashlane, is a fancier storage service, for those who really don’t like messing with passwords. It’s also free, and not only stores and generates, but also can change all of your passwords in one go. It saves receipts and automatically signs you in when you visit a website. It’s pretty nice. All is encrypted. The only way for you, a Dashlane staffer, or a hacker, to get at it, is via your master password — so make it a good one.

Here are more suggestions from PC Magazine.

Can password manager apps be hacked?

Yep, everything is hackable — but these guys are in the business of staying ahead of crooks, unlike most of the rest of us, who just want to do our thing and tend to get sloppy. It’s a good idea to keep your most important passwords, like bank accounts, separate from those stored with a manager, preferably off your computer.


Someday your iris may be your one and only password, but we aren’t there yet. In the meantime, don’t give in to the temptation to let your password system slide — and keep that Social Security number to yourself.

How is your password system? Any tips for making private information secure?


  • Great information to share. Thank you. I never give out my social security number. On health forms, I leave it blank as you suggest. I’ve never been asked for it later. Other places, I’m sometimes asked for the last four digits, and I’m okay with that. I cringe to think how we used to give it out with everything.

    Thanks for the info on those password sites. I’ll have to look into that.


  • Glad to get confirmation on health forms. Does anyone actually reads those forms or are they are just a way to keep us busy in the waiting room? How many times have I hovered indecisively over a checkbox (yes or no on headaches? does 90-year-old Aunt Betty’s cancer in 1964 count?)? And then, masterpiece completed, it goes with its clipboard over the counter and disappears forever.

    Password managers are pretty handy. It’s fun to go to a site and be logged in automatically, without the site storing my information. It’s also great to be able to change passwords with a click. The app does most of the work — goes to the site, signs in, generates a new password, establishes the new password.


  • Isn’t that the truth? Still it amazes me how many smart people are not careful about passwords — myself included. My Econ Man of a husband nudges me to be vigilant, and introduces me to fabulous apps like KeePass and Dashlane. On my own, I fear password management would be a haphazard affair.


  • It’s so scary how prevalent hacking is. All of us see it as only a matter of time before they “get me”. Great tips on protecting ourselves better. I changed my gravatar and got rid of my iris, should have kept it for identity purposes. 🙂

    Liked by 1 person

    • It’s all online, whether you connect from your home or not. I agree though that you can break the link between your home and the bank by physically going to the bank, and sending mail by the postal service.

      Liked by 1 person

      • I do telephone banking with HSBC – no online data available whatsoever beyond their internal systems. I’ve been using it for over 20 years and it’s always been perfect, with access 24/7/365 of course. I never visit the branches themselves, nor send any instructions by mail, or email. Everything is compromised in some way I know, but this seems the best practical solution by far to me.

        All the very best,



Submit a comment

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s