Please wait, loading...


Keeping Your CRA & IRS Login ID & Password Safe

January 31, 2017

In this digital world, almost everything is online, whether it is shopping, banking, or filing your income tax return. The only thing protecting one from having their identity or financial data stolen is a ‘password’. Thus, making it very crucial to have a strong, hard-to-guess password, but also something that we do not forget.

Here are a few tips provided by the U.S. Internal Revenue Service (IRS) to keep in mind while selecting a password to protect your online identity, and information with tax services, banks, and other such important websites.

Password Measures To Protect Your Tax Information

Add a Password to All Your Devices

You may be at a restaurant or any other public place, where you could lose your tablet, phone or laptop computer. To ensure data protection, it is always best to add a password to the device. Also, keep a strong password for your Wi-Fi router, since a person who can hack it, could have access to your computer data.

Keep Important Documents Password Protected

Documents like credit card statements, account statements, FormW-2 and other personal documents are generally in PDF format. These documents can easily be password-protected if there is no password included for the document by the document issuing authority. This makes it difficult for hackers to access those important documents – even if they have obtained these documents, making it useless to them.

Avoid Using Public Network to Access Official Sites

These days almost every public space provides wireless internet service. However, as a safe practice, only use these public servers to visit social media websites. Avoid accessing your bank website, or tax website through these networks.

Change Default Passwords

Often certain devices, and login IDs come with default passwords, it is highly recommended to change these passwords to prevent others from accessing them.

Recommended Password Tips/ Password Best Practices

Keep a Long Password: Websites, generally, recommend to keep a long password, a minimum of 8 characters. This should include a capital letter, a numerical, and a special character. It is advisable to keep something generic that is easy to remember but not your or family member’s date of birth, date of anniversary, or child’s birthdate. You can however mix it up and build something strong but ensure that it takes at least 3 to 10 tries to guess the password since by then the user id is usually locked.

Avoid repeating passwords and PINs: As a common practice to avoid forgetting the password or login details, we tend to set the same password for all the logins and PINs for debit and credit cards. This is an absolutely wrong thing to do, since if one account login is compromised, all the other online accounts become accessible too, leading to more damage.

Rely on two-factor authentication options: Many financial institutions, e-mail services, and social media websites provide a two-factor authentication process, i.e. along with a password, a one-time password (OTP) is sent to the mobile number or at an e-mail address to validate the individual’s identity while logging in. This two-factor authentication process is mandatory for online financial transactions while it may be optional for some websites. If the financial institution, bank or networking site provides a two-factor authentication option, always opt for it to ensure more safety.

Regularly Update Passwords: As a safe practice, frequently update your password. This can be done on a monthly or bi-monthly basis. Doing so helps when the security of a website may be compromised due to a hack, malware or virus attack.

Having said that, sometimes a password hack may start in a simple form as a post shared on a social media website. For example, sometimes a social media shared post may state: if your password ever contained an animal’s name, click ‘like’, if it was your date of birth, comment. People may take it lightly, without realizing that they are making it easy for hackers by diminishing some of the possibilities. You may think it is regarding an old password and no longer applies, but they may put forward another related question a few weeks later, diminishing more and more possibilities, and finally reaching a minimum set of possible passwords.

Additionally, when it comes to protecting tax accounts, and a taxpayers’ identity, the IRS is working with state authorities and financial institutions to work out measures and steps to prevent identity theft, data breech, and building barriers to make it tough for hackers and identity thieves.

Last tax season, the IRS added new features, such as: timed lockout, limits on unsuccessful log-in attempts, mandatory three security questions, and e-mail verification through a personal identification number (PIN) sent to the e-mail id or mobile phone to verify the login before one can proceed with using the tax software.


If you have any tax-related queries, need assistance with tax planning or filing your tax returns please contact us. Our team comprises of highly experienced tax professionals with extensive knowledge of US and Canadian tax laws as well as cross-border compliance.

Furthermore, as a full service accounting firm, AG Tax assures complete assistance with even your most complex tax needs.

We can assist with:

  • Canadian Personal and corporate tax returns
  • Cross Border Taxation and Business Planning
  • US Personal and Corporate Taxation
  • Disclosure of Foreign Assets and other information filings
  • Retirement planning
  • Estate Planning, Inheritance tax advice

To obtain a quote or to arrange for a tax consultation to discuss your U.S. Canada Cross Border tax issues, please contact us at:

  •  604-538-8735 (Greater Vancouver Area, BC)
  • 780-702-2732 (Greater Edmonton Area, AB)


Disclaimer: The information in this publication is accurate as of the time of its publication. AG Tax assumes no responsibility for changes to tax legislation subsequent to the publication of this document. The information provided is for general information purposes only and should not be acted upon without seeking professional advice. If you would like to engage our services, please contact our staff and obtain authorization to send our firm confidential information. A client relationship is not created by the transmission of information. A client relationship is only formed with our firm when a scope and engagement letter signed by the firm and the potential client detailing the terms of engagement is present.

ABOUTAylett Grant Tax, LLP
With offices across Canada, we are positioned to manage and process the full scope of your Canadian, US and US Canada cross-border tax filing needs.
12752 28th Ave, Surrey, BC, V4A 2P4
104–4220 98 St NW Edmonton AB, T6E 6A1
With offices across Canada, we are positioned to manage and process the full scope of your Canadian, US and US Canada cross-border tax filing needs.
12752 28th Ave, Surrey, BC, V4A 2P4
104–4220 98 St NW Edmonton AB, T6E 6A1

© AG Tax LLP | All Rights Reserved | Website by Aroma Web Design Vancouver

© AG Tax LLP | All Rights Reserved | Website by