Casa's mission is to protect our clients from any and all risks to their funds, starting with good security practices.
Use a password manager
A password manager is a vital security tool. It allows you to record your PIN securely, and for many years. There are many options available, including 1Password or Bitwarden. These password managers are able to be set up on both mobile and desktop.
Consider a VPN
Keep in mind that while your ISP will know that you are using Casa, though they won't know exactly what you're doing. Traffic between your device and Casa is encrypted, but they do know that requests are going to Casa's servers.
If you are concerned about your internet privacy, a VPN can provide an important line of defense. NordVPN and PIA are both popular providers and there are many good options available. When using a VPN, your ISP only knows that you're sending traffic to a VPN server. Since you're still trusting a third party (the VPN service) not to spy on your activity, this isn't perfect privacy.
If you want to take your privacy a step further, you are able to configure Tor clients on any device that you use with Casa. This article provides additional information about Casa's internet privacy recommendations.
Enable two-factor authentication (2FA) everywhere you can
Using 2FA is a great way to improve your digital security. We are big fans of YubiKeys, but Google Authenticator is a good option as well. Do NOT use your phone number, especially for brokerage or exchange accounts.
Prevent SIM-swap attacks
Never use SMS text messages for your 2FA, which leaves you vulnerable to SIM-swap attacks. Contact your wireless carrier and ask them to secure your account with a separate PIN or passphrase.