Help to keep your account secure

Barnett Waddingham takes the protection of our clients' data very seriously. Here are some tips on how you can keep your BWebstream account secure.

If you suspect that someone knows your password or has gained access to your emails, computer or phone then log in as soon as you can and visit the 'Account settings' page to secure your account. If you cannot access your account then let us know and we will reset it for you.

Keep a strong password secret

We require you to choose a 'strong' password with a minimum length and a mix of upper and lower case letters and numbers.

  • Don't share your password with others or with other websites. We don't know your password and will never ask you for it.
  • Make your password something unique to you so that it is hard for someone with a little background knowledge of you to guess.
  • If you write down your password, store it in a safe place away from your computer and phone.
  • Change your password from time to time.
  • Be wary of phishing attacks. When following a link from an email or from another website check the address bar of your browser and only enter your username and password if you're sure you are visiting

Use your phone to double-lock your account

By choosing to have verification codes sent to your phone you make it much harder for someone to break into your account. Not only does a criminal need to discover your password, they also need to have your phone.

By choosing to turn on an authenticator app you will always be able to generate codes even when you have no phone signal or data connection.

Our verification codes work with the most popular authenticator apps:

You can also enter alternative phone numbers as a backup for when your main phone is unavailable.

If you haven't already we recommend that you turn on verification codes and use an authenticator app to generate the codes.

As an alternative, we also give you the option of entering random characters from a memorable word as a second lock on your account.

Keep your devices and emails secure to protect your identity

If someone gains access to your emails, computer or phone then they can find out information about you and potentially impersonate you.

  • Keep your devices protected with the latest security software.
  • Lock your phone with a strong passcode.
  • Set up your phone so that if you lose it you can erase it remotely.

Managing trusted devices

When you log in you can choose to 'Trust this device' so that next time you log in on that particular computer you will only be asked for your username or email and password.

When you or anyone else tries to log into your account from another computer a verification code sent to your phone (or random characters from your memorable word) will still be required.

  • Don't store your username, password or security answer on your computer or phone.
  • Don't trust a device that is shared with others or which is not secured with a strong password or passcode.
  • If you lose control of a trusted device, then you can log in and have it removed.

Turn on notifications for added reassurance

Choosing to receive an email or text message when your account is accessed from an untrusted device will reassure you that your account is not being accessed without your knowledge. You can also choose to be notified when there are repeated failed attempts to log in, or when your password or account is reset.