Pension Sense blog | October 22, 2025 | Melissa Jones-Ferguson

Answer honestly: Do you use the same password for every account? Do you share your streaming service login information with a friend or loved one? 

If so, keep reading! 

October is Cybersecurity Awareness Month, a global initiative led by partners, including the National Cybersecurity Alliance, to increase awareness about online safety and empower individuals to protect themselves from cybercrime. 

Read on to learn the alliance’s Core 4—simple, effective steps to keep yourself safe online and protect your personal data. You’ll also find some good advice from CalSTRS.

Use strong passwords  

Create passwords that are at least 16 characters long, unique to each account, and a mix of letters, numbers and symbols. Then, store your passwords safely with your first line of defense against cybercrime—a password manager.  Think of your passwords like your keys or the combination to a lock. Keep them safe and secure!   

Enable multifactor authentication for added protection  

For another layer of security, think of multifactor authentication as a deadlock. It can protect you, even if a hacker discovers your password. Many accounts now offer multifactor authentication as a built-in safety feature. 

Know the signs of a scam and how to respond 

There are many scams out there. For example, scammers can create friendly relationships with you online and then ask for money, airline tickets or other gifts. Scammers also offer incredible financial opportunities. Another tactic scammers use is impersonating a loved one in crisis who is claiming to need money urgently.  

Some tips for avoiding scams:  

• Be skeptical of people you meet online.  

• Don’t respond to unsolicited calls, texts or emails.  

• If someone sounding like a loved one or other important person in your life reaches out to ask for money or personal information, respond by communication with the verified number or email from your contact list.  

• Refuse to pay for things in unusual ways, such as with a gift card. Be suspicious and err on the side of caution. 

Remember that CalSTRS will send you an email or letter, confirming certain updates or changes made to your account. We recommend that you open any communications you receive from us immediately and inform us if you didn’t make any of the changes.  

You should also review your account regularly and make sure your contact and account information are accurate. 

Update your software   

Making sure that your software is up to date is a simple, easy and effective tactic. Updated software protects you from vulnerabilities that are typically exploited by hackers.  

Keep your CalSTRS information secure   

Protecting your CalSTRS personal and financial information is important to us because we want to protect you.  

You can do your part by: 

• Keeping your login or account information to yourself, including security question answers. 

• Choosing a strong password or passphrase. 

• Changing your password and security questions frequently. Change your password immediately if you know or suspect it’s been compromised or is known by others. 

• Never enter your CalSTRS password without verifying your personal security icon and personal security message are valid. If these items don’t appear or are not the ones you chose, contact CalSTRS for assistance.  

Learn more about keeping your CalSTRS account secure in the section of your Member Handbook on governance, tax information and legal matters.  

Now, you have the tools you need to protect your information. So, go ahead and evaluate your online security and take the necessary steps to make sure that you’re protected.  

And remember to change your passwords.