Why Los Angeles CPAs Should Use Dual Factor Authentication

Author: Craig Pollack Date: Jun 22, 2015 Topics: _CPA and Accountant Blogs

Why Los Angeles CPAs Should Use Dual Factor AuthenticationDoes your Los Angeles CPA firm use dual factor authentication, also known as two-factor authentication?

A complex, unique password is good protection against having your data compromised by digital intruders. Regardless of how random your password might seem, there are hackers who can find ways to track keystrokes, uncover patterns, and ultimately, break through your password security.

If you are at the helm of a CPA firm in Los Angeles, you should not leave the protection of your clients’ data just to a password alone. Dual factor authentication provides a far more secure, reliable line of defense requiring two different means of identification before a user can login.

The costs of implementing a multi-tier security strategy can quickly pay for itself by helping you avoid theft of your client data and long lasting damage to your reputation.  Here are three compelling reasons why you should adopt a dual factor authentication strategy.

1. Safeguarding Email Correspondence

Your clients share a lot of information over email. They often feel they are “off the record” when they send you a quick email with details of a transaction they might have forgotten to include in a tax return. Or they might be sending you a contract containing a great deal of sensitive information. Email passwords are often the first targets for hackers, as your address book alone may contain valuable information to cause further havoc and destruction.

If your CPA firm is running a popular email system such as Outlook/Office 365 or Gmail/Google Apps for business, there are a number of dual factor authentication services available via the cloud, mobile device apps, or token hardware. Using a time sensitive key code PIN, in tandem with a complex password can be the difference your firm needs to safeguard your email inboxes.

Many common email applications have built-in multi-step authentication for password resets though you want to make sure you have the protection of dual factor login security every time you open your email application.

2. Social Media Websites

If your social media channel is attacked on a personal or business level, your company’s reputation can be damaged by a message you did not intend to get out to your followers. On the other side of the coin, suggesting your clients adopt multi-factor authentication (MFA) strategies can help you to increase trust with your clients.

If you are looking to find out which social media channels support two-factor login security, Two Factor Auth  is a great list to bookmark and track which sites and apps support MFA. Besides passwords, the Two Factor Auth list offers up options where you or your clients can use another authorization protocol such as: 

  • SMS
  • Phone call
  • Email authentication
  • Hardware tokens
  • PIN numbers
  • Software certificates or cookies in your browser

With social media channels like Facebook, Twitter, and LinkedIn under scrutiny for password theft and information privacy, using a form of MFA is a best practice for keeping your reputation and your data secure and private.

3. Financial and Operational Business Applications

Although there are many social media websites and email providers which support MFA, there are a surprising number of financial and operational business applications that have yet to add this capability to their cloud solutions.

In the meantime, you can select a solution that supports dual factor authentication. You can also implement an added layer of security with advanced passwords or have an extra authentication step on your office computers or mobile devices.

Now that you’ve read about some kind of cool tricks for creating secure passwords, why trust your company or client data to a single sequence of letters, numbers, and/or special characters? Implement a dual factor authentication policy to better protect your information assets.


Have you used a dual factor authentication strategy that has been especially useful for your Los Angeles CPA firm? Tell us about it in the Comments section below.

And to follow up on the tips introduced in this article, be sure to download your free guide, 12 Ways for CPA Firms in LA to Utilize Technology More Efficiently.


New Call-to-action


Craig Pollack

Craig Pollack

Craig is the Founder & CEO of FPA Technology Services, Inc. Craig provides the strategy and direction for FPA, ensuring its clients, business owners, and key decision makers leverage technology as efficiently and effectively as possible. With over 30 years of experience building the preeminent IT Service Provider in the Southern California area, Craig is one of the area’s leading authorities on how small to mid-sized businesses can best leverage and secure their technology to achieve their business objectives.