Vanguard - You'll need to sign up for security codes soon

Discuss all general (i.e. non-personal) investing questions and issues, investing news, and theory.
Post Reply
User avatar
KlingKlang
Posts: 657
Joined: Wed Oct 16, 2013 3:26 pm

Vanguard - You'll need to sign up for security codes soon

Post by KlingKlang » Tue Jun 12, 2018 2:54 pm

I just received an email from Vanguard Flagship Services addressed to my wife with the message "You'll soon be required to sign up for security codes".

My wife won't touch a computer or a smartphone. I use my email address for both of our accounts. Will I get in trouble with Vanguard for using my phone number for her security codes?

bloom2708
Posts: 4143
Joined: Wed Apr 02, 2014 2:08 pm
Location: Fargo, ND

Re: Vaguard - You'll need to sign up for security codes soon

Post by bloom2708 » Tue Jun 12, 2018 3:07 pm

Yes, you can use your phone number for both account security codes.

I use the "Remember my device" option. It will only ask for the code if you log on from a new device.

The more secure option is to require the code every log in. I think that is overkill (currently) as we have a laptop and a phone.
"We are here not to please but to provoke thoughtfulness" Unknown Boglehead

ResearchMed
Posts: 6425
Joined: Fri Dec 26, 2008 11:25 pm

Re: Vaguard - You'll need to sign up for security codes soon

Post by ResearchMed » Tue Jun 12, 2018 3:08 pm

KlingKlang wrote:
Tue Jun 12, 2018 2:54 pm
I just received an email from Vanguard Flagship Services addressed to my wife with the message "You'll soon be required to sign up for security codes".

My wife won't touch a computer or a smartphone. I use my email address for both of our accounts. Will I get in trouble with Vanguard for using my phone number for her security codes?
If that's what *she* wants to use, then why should there be a problem.
What if it were a phone/number for *both* of you, like back in the day (and some still nowadays) when there was a single "home phone"?

I'd just enter the number. Where is it required that couples cannot share a phone?
(We'll see how Vanguard's software handles that, of course, which is something entirely different... but one can find out.)

Also, do you happen to be an authorized agent for her? If so, it should be a total non-issue.
(That's "should be", but then there still is... Vanguard's software...)

RM
This signature is a placebo. You are in the control group.

FrankLUSMC
Posts: 83
Joined: Tue Nov 28, 2017 1:43 pm

Re: Vaguard - You'll need to sign up for security codes soon

Post by FrankLUSMC » Tue Jun 12, 2018 3:35 pm

I've been using only my phone number for 4 different accounts, same email too. For several years. I even have all our Vanguard accounts registered with Voya. This sometimes triggers the security code, so I get 2 codes and I sometimes have to guess for which account, but you get a second try if the guess is wrong.

User avatar
TheGreyingDuke
Posts: 1460
Joined: Fri Sep 02, 2011 10:34 am

Re: Vaguard - You'll need to sign up for security codes soon

Post by TheGreyingDuke » Tue Jun 12, 2018 5:12 pm

While my wife is quite adept with smartphones and computers, she will not tolerate time on investments. I am an authorized agent on her account, it all appears with my log in and all is good.

We have multiple accounts, TIRA, Roth, Taxable X2, and a JTROS
"Every time I see an adult on a bicycle, I no longer despair for the future of the human race." H.G. Wells

User avatar
KlingKlang
Posts: 657
Joined: Wed Oct 16, 2013 3:26 pm

Re: Vaguard - You'll need to sign up for security codes soon

Post by KlingKlang » Tue Jun 12, 2018 5:37 pm

TheGreyingDuke wrote:
Tue Jun 12, 2018 5:12 pm
While my wife is quite adept with smartphones and computers, she will not tolerate time on investments. I am an authorized agent on her account, it all appears with my log in and all is good.

We have multiple accounts, TIRA, Roth, Taxable X2, and a JTROS
Ditto on the multiple accounts. How much effort is it to become an authorized agent on another's account? This would be for both my wife and my mother (I am the joint owner on all non-qualified accounts).

annielouise
Posts: 237
Joined: Wed May 14, 2008 4:11 pm

Re: Vaguard - You'll need to sign up for security codes soon

Post by annielouise » Tue Jun 12, 2018 6:13 pm

KlingKlang wrote:
Tue Jun 12, 2018 5:37 pm
TheGreyingDuke wrote:
Tue Jun 12, 2018 5:12 pm
While my wife is quite adept with smartphones and computers, she will not tolerate time on investments. I am an authorized agent on her account, it all appears with my log in and all is good.

We have multiple accounts, TIRA, Roth, Taxable X2, and a JTROS
Ditto on the multiple accounts. How much effort is it to become an authorized agent on another's account? This would be for both my wife and my mother (I am the joint owner on all non-qualified accounts).
It's not much effort at all. I highly recommend doing so.

User avatar
Kevin M
Posts: 9640
Joined: Mon Jun 29, 2009 3:24 pm
Contact:

Re: Vaguard - You'll need to sign up for security codes soon

Post by Kevin M » Tue Jun 12, 2018 6:44 pm

KlingKlang wrote:
Tue Jun 12, 2018 5:37 pm
How much effort is it to become an authorized agent on another's account? This would be for both my wife and my mother (I am the joint owner on all non-qualified accounts).
You need to fill out the agent authorization form, agent signs it, and owner gets notarized signature and signature of two witnesses. Then of course mail it to Vanguard.

Kevin
Wiki ||.......|| Suggested format for Asking Portfolio Questions (edit original post)

Beehave
Posts: 231
Joined: Mon Jun 19, 2017 12:46 pm

Re: Vaguard - You'll need to sign up for security codes soon

Post by Beehave » Tue Jun 12, 2018 7:02 pm

Should people be posting how they generate passwords for their financial holdings?

Broken Man 1999
Posts: 1128
Joined: Wed Apr 08, 2015 11:31 am

Re: Vaguard - You'll need to sign up for security codes soon

Post by Broken Man 1999 » Tue Jun 12, 2018 7:16 pm

Beehave wrote:
Tue Jun 12, 2018 7:02 pm
Should people be posting how they generate passwords for their financial holdings?

I see no danger, you are sharing/discussing methods, not actual passwords.

Typically I use my password keeper to generate the absolute largest password the particular entity will allow.

I have adopted the Vanguard option of receiving a security code if a sign on is attempted from an unrecognized source. It has worked perfectly, thus far.

Broken Man 1999
“If I cannot drink Bourbon and smoke cigars in Heaven than I shall not go. " -Mark Twain

User avatar
Pancakes-Eggs-Bacon
Posts: 65
Joined: Wed May 02, 2018 6:17 am

Re: Vaguard - You'll need to sign up for security codes soon

Post by Pancakes-Eggs-Bacon » Wed Jun 13, 2018 12:28 pm

Vanguard needs to really add TOTP software security tokens instead of just SMS. And not the silly Symantec VIP nonsense, which ties you to a single vendor. It's great they support U2F Fido hardware tokens. I'd buy a Yubikey except I don't 100% trust the security of USB.

User avatar
jhfenton
Posts: 2945
Joined: Sat Feb 07, 2015 11:17 am
Location: Ohio

Re: Vaguard - You'll need to sign up for security codes soon

Post by jhfenton » Wed Jun 13, 2018 1:39 pm

Pancakes-Eggs-Bacon wrote:
Wed Jun 13, 2018 12:28 pm
Vanguard needs to really add TOTP software security tokens instead of just SMS.
+1 Vanguard needs to support TOTP, and they need to disallow bypassing a security key with SMS.

I already have security codes for new devices turned on for Vanguard, for what it's worth.

LiterallyIronic
Posts: 675
Joined: Sat Dec 05, 2015 10:36 am

Re: Vaguard - You'll need to sign up for security codes soon

Post by LiterallyIronic » Wed Jun 13, 2018 1:44 pm

What's a security code, in this context? When I log into Vanguard on my computer, it asks me one of my security questions (and then I tell it not to remember my device, that way it will continue to ask me the security questions every single time I log in). Is a security code something on top of that?

Random Poster
Posts: 1624
Joined: Wed Feb 03, 2010 10:17 am

Re: Vaguard - You'll need to sign up for security codes soon

Post by Random Poster » Wed Jun 13, 2018 1:47 pm

So how does the sending a security code work if you are logging on to Vanguard's website using a new computer in a new location and you no longer have your old phone number?

How do you update the phone number contact information then?

User avatar
Pancakes-Eggs-Bacon
Posts: 65
Joined: Wed May 02, 2018 6:17 am

Re: Vaguard - You'll need to sign up for security codes soon

Post by Pancakes-Eggs-Bacon » Wed Jun 13, 2018 4:06 pm

LiterallyIronic wrote:
Wed Jun 13, 2018 1:44 pm
What's a security code, in this context? When I log into Vanguard on my computer, it asks me one of my security questions (and then I tell it not to remember my device, that way it will continue to ask me the security questions every single time I log in). Is a security code something on top of that?
In this context, a security code is two-factor authentication.

Common "factors":
1. Something you know (e.g. a password)
2. Something you have (e.g. a cell phone or a Yubikey USB fob)
3. Something you are (e.g. fingerprint, iris/retina scan, facial recognition, blood sample)

Two-factor (or multi-factor) requires two distinct factors from the above list, so answering a password (something you know) + answering some security questions (also something you know) is really just two examples of the same factor. In other words, if a thief knows your password, they can probably try to learn answers to your security questions as well.

User avatar
oldzey
Posts: 889
Joined: Sun Apr 13, 2014 8:38 pm
Location: Land of Lincoln

Re: Vaguard - You'll need to sign up for security codes soon

Post by oldzey » Wed Jun 13, 2018 4:11 pm

What is this "Vaguard" that you speak of? :P
"The broker said the stock was 'poised to move.' Silly me, I thought he meant up." ― Randy Thurman

User avatar
Pancakes-Eggs-Bacon
Posts: 65
Joined: Wed May 02, 2018 6:17 am

Re: Vaguard - You'll need to sign up for security codes soon

Post by Pancakes-Eggs-Bacon » Wed Jun 13, 2018 4:13 pm

Random Poster wrote:
Wed Jun 13, 2018 1:47 pm
So how does the sending a security code work if you are logging on to Vanguard's website using a new computer in a new location and you no longer have your old phone number?

How do you update the phone number contact information then?
Ideally a financial institution would allow us to use multiple phone numbers and multiple security tokens in case we no longer have access to one. Like with Google/Gmail, I have two cell phone numbers, a TOTP software token, and 2+ recovery e-mail addresses.

With Vanguard, I have two cell phone numbers (one primary, one alternate).

If you don't have access to your old phone number or old computer, you'll probably have to call their customer service and prove that you are you by overnighting a blood sample answering security questions.

User avatar
Pancakes-Eggs-Bacon
Posts: 65
Joined: Wed May 02, 2018 6:17 am

Re: Vaguard - You'll need to sign up for security codes soon

Post by Pancakes-Eggs-Bacon » Wed Jun 13, 2018 4:14 pm

oldzey wrote:
Wed Jun 13, 2018 4:11 pm
What is this "Vaguard" that you speak of? :P
The company James Bagel founded. :P

We Bagelheads are a cheesy bunch.

User avatar
Sheepdog
Posts: 5006
Joined: Tue Feb 27, 2007 3:05 pm
Location: Indiana, retired 1998 at age 65

Re: Vaguard - You'll need to sign up for security codes soon

Post by Sheepdog » Wed Jun 13, 2018 4:22 pm

KlingKlang wrote:
Tue Jun 12, 2018 2:54 pm

My wife won't touch a computer or a smartphone. I use my email address for both of our accounts. Will I get in trouble with Vanguard for using my phone number for her security codes?
Same here. My wife has never used a smartphone or computer, so I do everything for both with the same numbers. (I wish she would, though, but that's another story.)
People should not say everything they think. They should think about everything they say.

User avatar
oldzey
Posts: 889
Joined: Sun Apr 13, 2014 8:38 pm
Location: Land of Lincoln

Re: Vaguard - You'll need to sign up for security codes soon

Post by oldzey » Wed Jun 13, 2018 4:23 pm

Pancakes-Eggs-Bacon wrote:
Wed Jun 13, 2018 4:14 pm
oldzey wrote:
Wed Jun 13, 2018 4:11 pm
What is this "Vaguard" that you speak of? :P
The company James Bagel founded. :P

We Bagelheads are a cheesy bunch.
I'll have some VBTLoX on my bagel.
"The broker said the stock was 'poised to move.' Silly me, I thought he meant up." ― Randy Thurman

Starting From Scratch
Posts: 29
Joined: Sun Jul 26, 2009 7:03 am

Re: Vaguard - You'll need to sign up for security codes soon

Post by Starting From Scratch » Wed Jun 13, 2018 4:34 pm

jhfenton wrote:
Wed Jun 13, 2018 1:39 pm
Pancakes-Eggs-Bacon wrote:
Wed Jun 13, 2018 12:28 pm
Vanguard needs to really add TOTP software security tokens instead of just SMS.
+1 Vanguard needs to support TOTP, and they need to disallow bypassing a security key with SMS.
YES! YES! YES! PLEASE Vanguard! I've written to Vanguard months ago requesting they move to using TOTP and removing SMS. I encourage EVERYONE to do the same.

FlyingMoose
Posts: 370
Joined: Wed Mar 04, 2009 10:48 pm

Re: Vaguard - You'll need to sign up for security codes soon

Post by FlyingMoose » Wed Jun 13, 2018 4:36 pm

I use MagicJack. It receives messages fine from my friends, but the ones from Vanguard never arrive. I guess I’ll have to figure something else out...

User avatar
tuningfork
Posts: 318
Joined: Wed Oct 30, 2013 8:30 pm

Re: Vaguard - You'll need to sign up for security codes soon

Post by tuningfork » Wed Jun 13, 2018 8:50 pm

Pancakes-Eggs-Bacon wrote:
Wed Jun 13, 2018 12:28 pm
Vanguard needs to really add TOTP software security tokens instead of just SMS. And not the silly Symantec VIP nonsense, which ties you to a single vendor. It's great they support U2F Fido hardware tokens. I'd buy a Yubikey except I don't 100% trust the security of USB.
Just curious, what is it about USB that you wouldn't trust the security of a Yubikey? I understand never to plug in an untrusted USB storage device since it could contain malware, and I'm aware of the possibility of malicious firmware updates that can hijack any firmware-updatable device, USB or not. Yubico claims Yubikeys are immune to this form of hijacking (https://www.yubico.com/2014/08/yubikey-badusb/). Assuming you can trust these claims, are there other security issues with USB that would affect a Yubikey?

User avatar
Pancakes-Eggs-Bacon
Posts: 65
Joined: Wed May 02, 2018 6:17 am

Re: Vaguard - You'll need to sign up for security codes soon

Post by Pancakes-Eggs-Bacon » Wed Jun 13, 2018 9:27 pm

tuningfork wrote:
Wed Jun 13, 2018 8:50 pm
Pancakes-Eggs-Bacon wrote:
Wed Jun 13, 2018 12:28 pm
Vanguard needs to really add TOTP software security tokens instead of just SMS. And not the silly Symantec VIP nonsense, which ties you to a single vendor. It's great they support U2F Fido hardware tokens. I'd buy a Yubikey except I don't 100% trust the security of USB.
Just curious, what is it about USB that you wouldn't trust the security of a Yubikey? I understand never to plug in an untrusted USB storage device since it could contain malware, and I'm aware of the possibility of malicious firmware updates that can hijack any firmware-updatable device, USB or not. Yubico claims Yubikeys are immune to this form of hijacking (https://www.yubico.com/2014/08/yubikey-badusb/). Assuming you can trust these claims, are there other security issues with USB that would affect a Yubikey?
Thanks for the link. To your question, pretty much the opacity of the USB standard. Yubico is an American company subject to US law, including National Security Letters and other gag orders and forced cooperation with the American Intelligence Community. While that blog article is reassuring, we still have to take Yubico at face value that they're telling the truth. While U2F is an open standard, its implementation isn't always 100% open-source hardware or open-source software. Who's to say that the private keys or the Random Number Generator used by Yubikeys are predictable? Or the private keys tainted? Or Yubico's root CA compromised, either with their cooperation or without?

At least with the TOTP standard and software tokens, we can at least audit the source code of any app implementations that publish their source (such as FreeOTP).

This is definitely bordering on tinfoil-hat nonsense. I just wish there was more competition in the hardware U2F market besides Yubico's products. Maybe open hardware Do-It-Yourself builds for makers. And I wish that Yubikey didn't use USB as the bus, but it's the gold standard at this point. Their NFC Yubikey looks cool.

Maybe actual smart cards are the solution? Or an overhauled USB 4.0 specification? :P

Dead Man Walking
Posts: 625
Joined: Wed Nov 07, 2007 6:51 pm

Re: Vaguard - You'll need to sign up for security codes soon

Post by Dead Man Walking » Wed Jun 13, 2018 9:28 pm

When I close my browser, I delete all cookies; consequently, the next time I log on to the Vanguard site, a message states that Vanguard doesn't recognize my computer and requires that I answer security questions. My bank requires that I receive a security code via email, text, or voice message. It's kind of a pita, but I don't mind.

DMW

User avatar
MP123
Posts: 660
Joined: Thu Feb 16, 2017 3:32 pm

Re: Vaguard - You'll need to sign up for security codes soon

Post by MP123 » Wed Jun 13, 2018 10:18 pm

Starting From Scratch wrote:
Wed Jun 13, 2018 4:34 pm
jhfenton wrote:
Wed Jun 13, 2018 1:39 pm
Pancakes-Eggs-Bacon wrote:
Wed Jun 13, 2018 12:28 pm
Vanguard needs to really add TOTP software security tokens instead of just SMS.
+1 Vanguard needs to support TOTP, and they need to disallow bypassing a security key with SMS.
YES! YES! YES! PLEASE Vanguard! I've written to Vanguard months ago requesting they move to using TOTP and removing SMS. I encourage EVERYONE to do the same.
Help me understand TOTP?

It sounds like a shared private key hashed with a timestamp on future exchanges but the key is still vulnerable to intercept on the initial exchange, right?

Or am I missing something?

JBTX
Posts: 3220
Joined: Wed Jul 26, 2017 12:46 pm

Re: Vaguard - You'll need to sign up for security codes soon

Post by JBTX » Wed Jun 13, 2018 10:28 pm

Pancakes-Eggs-Bacon wrote:
Wed Jun 13, 2018 9:27 pm
tuningfork wrote:
Wed Jun 13, 2018 8:50 pm
Pancakes-Eggs-Bacon wrote:
Wed Jun 13, 2018 12:28 pm
Vanguard needs to really add TOTP software security tokens instead of just SMS. And not the silly Symantec VIP nonsense, which ties you to a single vendor. It's great they support U2F Fido hardware tokens. I'd buy a Yubikey except I don't 100% trust the security of USB.
Just curious, what is it about USB that you wouldn't trust the security of a Yubikey? I understand never to plug in an untrusted USB storage device since it could contain malware, and I'm aware of the possibility of malicious firmware updates that can hijack any firmware-updatable device, USB or not. Yubico claims Yubikeys are immune to this form of hijacking (https://www.yubico.com/2014/08/yubikey-badusb/). Assuming you can trust these claims, are there other security issues with USB that would affect a Yubikey?
Thanks for the link. To your question, pretty much the opacity of the USB standard. Yubico is an American company subject to US law, including National Security Letters and other gag orders and forced cooperation with the American Intelligence Community. While that blog article is reassuring, we still have to take Yubico at face value that they're telling the truth. While U2F is an open standard, its implementation isn't always 100% open-source hardware or open-source software. Who's to say that the private keys or the Random Number Generator used by Yubikeys are predictable? Or the private keys tainted? Or Yubico's root CA compromised, either with their cooperation or without?

At least with the TOTP standard and software tokens, we can at least audit the source code of any app implementations that publish their source (such as FreeOTP).

This is definitely bordering on tinfoil-hat nonsense. I just wish there was more competition in the hardware U2F market besides Yubico's products. Maybe open hardware Do-It-Yourself builds for makers. And I wish that Yubikey didn't use USB as the bus, but it's the gold standard at this point. Their NFC Yubikey looks cool.

Maybe actual smart cards are the solution? Or an overhauled USB 4.0 specification? :P
What's wrong with the symantic app? Seems to work well. It is free.

User avatar
Pancakes-Eggs-Bacon
Posts: 65
Joined: Wed May 02, 2018 6:17 am

Re: Vaguard - You'll need to sign up for security codes soon

Post by Pancakes-Eggs-Bacon » Wed Jun 13, 2018 10:46 pm

JBTX wrote:
Wed Jun 13, 2018 10:28 pm
What's wrong with the symantic app? Seems to work well. It is free.
Yeah, it works great, but it's proprietary. It's not a true TOTP standard where the end user has the freedom to use whatever app he/she desires like Google Authenticator, Authy, or the dozens out there. I personally use Authy and have a dozen or so services installed.

But Fidelity, PayPal, USAA, and many other companies use Symantec VIP since, for them, it's the easy way out and probably less overhead/management. But for us customers, it's yet another app we're tied to. So now I have to use both Authy and Symantec VIP and would rather consolidate with just Authy.

jalbert
Posts: 3071
Joined: Fri Apr 10, 2015 12:29 am

Re: Vaguard - You'll need to sign up for security codes soon

Post by jalbert » Wed Jun 13, 2018 10:56 pm

KlingKlang wrote:
Tue Jun 12, 2018 2:54 pm
I just received an email from Vanguard Flagship Services addressed to my wife with the message "You'll soon be required to sign up for security codes".

My wife won't touch a computer or a smartphone. I use my email address for both of our accounts. Will I get in trouble with Vanguard for using my phone number for her security codes?
The bigger problem is using your wife’s login name and password to login to her account. You should either be named on the titling of the account or Vanguard’s “POA” paperwork should be filed granting you account privileges and then you can use your own login to manage your wife’s account while confirming to Vanguard’s acceptable use policy.
Risk is not a guarantor of return.

Kompass
Posts: 104
Joined: Sat Oct 01, 2016 5:42 pm

Re: Vaguard - You'll need to sign up for security codes soon

Post by Kompass » Wed Jun 13, 2018 11:30 pm

I got the same email last night about my mother’s annuity for which I am DPOA.

I have my own brokerage account there as well as a trust with the trust company. Her annuity account shows up on my page and I manage everything from there. This email was referencing my parents old logon which is still there although unused. I changed the email and phone to mine three years ago when my father died. The email reminded me that this is still a hole in our security and as such I should disable that logon.

I called flagship to ask them to disable it, after spending 25 minutes on the phone with the rep he came to the conclusion that 1. he could not change anything, 2. I could not log on or change anything since it is not my account, 3. my mother, who has dementia, cannot talk to them on the phone or access the account to change it.

This ended in a stalemate with Vanguard and left me with the same security issue.

Five minutes later, I logged on (apparently illegally) and added two-step authentication to my phone which is already on the account. Problem handled as much is it can be.

Between the two of us we have $4mm at Vanguard, mostly mine, and this is the best they can do? I should have saved myself half an hour of frustration by not calling them at all. :annoyed
The large print giveth and the fine print taketh away.

letsgobobby
Posts: 11272
Joined: Fri Sep 18, 2009 1:10 am

Re: Vaguard - You'll need to sign up for security codes soon

Post by letsgobobby » Thu Jun 14, 2018 12:22 am

Pancakes-Eggs-Bacon wrote:
Wed Jun 13, 2018 12:28 pm
Vanguard needs to really add TOTP software security tokens instead of just SMS. And not the silly Symantec VIP nonsense, which ties you to a single vendor. It's great they support U2F Fido hardware tokens. I'd buy a Yubikey except I don't 100% trust the security of USB.
Can you translate this into English?

Miriam2
Posts: 2088
Joined: Fri Nov 14, 2014 11:51 am

Re: Vaguard - You'll need to sign up for security codes soon

Post by Miriam2 » Thu Jun 14, 2018 12:45 am

Kevin M wrote:
KlingKlang wrote: How much effort is it to become an authorized agent on another's account? This would be for both my wife and my mother (I am the joint owner on all non-qualified accounts).
You need to fill out the agent authorization form, agent signs it, and owner gets notarized signature and signature of two witnesses. Then of course mail it to Vanguard.
Kevin
Would being an authorized agent on another's account be sort of like being a joint owner? For couples, does it make sense to be an authorized agent for each other's IRAs, in addition to being a beneficiary? Looks like it would help smooth managing non-joint accounts when "aging-issues" come upon us.

jalbert
Posts: 3071
Joined: Fri Apr 10, 2015 12:29 am

Re: Vaguard - You'll need to sign up for security codes soon

Post by jalbert » Thu Jun 14, 2018 3:07 am

Would being an authorized agent on another's account be sort of like being a joint owner?
It is more like being a power of attorney. Being a joint owner is another way to get authorized access, but it imparts ownership rights as well, and there are no joint IRAs to my knowledge.

Once someone is authorized to manage someone else’s account it will show up in their online sessions.

If you use someone else’s login and password, even if that person wishes for you to do so, it violates Vanguard’s acceptable-use policy and may weaken the protections you are accorded if the account is breached.

Login credentials not only are used to ensure authorized access to an account, but also for entries in an audit trail of usage. If you use someone else’s login, the audit trail no longer reflects the usage.
Risk is not a guarantor of return.

jebmke
Posts: 7902
Joined: Thu Apr 05, 2007 2:44 pm

Re: Vaguard - You'll need to sign up for security codes soon

Post by jebmke » Thu Jun 14, 2018 6:41 am

jalbert wrote:
Thu Jun 14, 2018 3:07 am
Would being an authorized agent on another's account be sort of like being a joint owner?
It is more like being a power of attorney. Being a joint owner is another way to get authorized access, but it imparts ownership rights as well, and there are no joint IRAs to my knowledge.

Once someone is authorized to manage someone else’s account it will show up in their online sessions.

If you use someone else’s login and password, even if that person wishes for you to do so, it violates Vanguard’s acceptable-use policy and may weaken the protections you are accorded if the account is breached.

Login credentials not only are used to ensure authorized access to an account, but also for entries in an audit trail of usage. If you use someone else’s login, the audit trail no longer reflects the usage.
A Power of Attorney is normally no longer effective at the time of death. Is the same true for Vanguard's Authorized Agent?
When you discover that you are riding a dead horse, the best strategy is to dismount.

indexonlyplease
Posts: 1021
Joined: Thu Apr 30, 2015 12:30 pm
Location: Pembroke Pines, FL

Re: Vanguard - You'll need to sign up for security codes soon

Post by indexonlyplease » Thu Jun 14, 2018 6:52 am

KlingKlang wrote:
Tue Jun 12, 2018 2:54 pm
I just received an email from Vanguard Flagship Services addressed to my wife with the message "You'll soon be required to sign up for security codes".

My wife won't touch a computer or a smartphone. I use my email address for both of our accounts. Will I get in trouble with Vanguard for using my phone number for her security codes?
Thats funny. My 85 yr old dad uses a computer and smart phone daily. And I thought he was out dated?

Jack FFR1846
Posts: 7030
Joined: Tue Dec 31, 2013 7:05 am

Re: Vanguard - You'll need to sign up for security codes soon

Post by Jack FFR1846 » Thu Jun 14, 2018 7:18 am

I'm not flagship with Vanguard and have resisted both added security and linking my bank. They tell me that my profile is 35% complete. This morning, to log in, I had to pee into my phone. :shock:
Bogle: Smart Beta is stupid

jalbert
Posts: 3071
Joined: Fri Apr 10, 2015 12:29 am

Re: Vaguard - You'll need to sign up for security codes soon

Post by jalbert » Thu Jun 14, 2018 11:58 am

jebmke wrote:
Thu Jun 14, 2018 6:41 am
jalbert wrote:
Thu Jun 14, 2018 3:07 am
Would being an authorized agent on another's account be sort of like being a joint owner?
It is more like being a power of attorney. Being a joint owner is another way to get authorized access, but it imparts ownership rights as well, and there are no joint IRAs to my knowledge.

Once someone is authorized to manage someone else’s account it will show up in their online sessions.

If you use someone else’s login and password, even if that person wishes for you to do so, it violates Vanguard’s acceptable-use policy and may weaken the protections you are accorded if the account is breached.

Login credentials not only are used to ensure authorized access to an account, but also for entries in an audit trail of usage. If you use someone else’s login, the audit trail no longer reflects the usage.
A Power of Attorney is normally no longer effective at the time of death. Is the same true for Vanguard's Authorized Agent?
Yes. When an account owner dies, if there is a payable on death beneficiary declared, Vanguard will release funds to that person. If not, it goes to the account owner’s estate and the estate executor is who will be authorized to manage the account upon death of the deceased owner.
Risk is not a guarantor of return.

User avatar
Mel Lindauer
Moderator
Posts: 28288
Joined: Mon Feb 19, 2007 8:49 pm
Location: Daytona Beach Shores, Florida
Contact:

Re: Vaguard - You'll need to sign up for security codes soon

Post by Mel Lindauer » Thu Jun 14, 2018 9:48 pm

FlyingMoose wrote:
Wed Jun 13, 2018 4:36 pm
I use MagicJack. It receives messages fine from my friends, but the ones from Vanguard never arrive. I guess I’ll have to figure something else out...
MagicJack recently instituted a robo call/spam filter. The phone rings and then the software asks the caller to push a specific random number. Non-human callers (like Vanguard's call) can't respond and thus don't get put through.
Best Regards - Mel | | Semper Fi

Drovor
Posts: 92
Joined: Sun Oct 25, 2015 9:50 am

Re: Vaguard - You'll need to sign up for security codes soon

Post by Drovor » Thu Jun 14, 2018 11:24 pm

Kevin M wrote:
Tue Jun 12, 2018 6:44 pm
KlingKlang wrote:
Tue Jun 12, 2018 5:37 pm
How much effort is it to become an authorized agent on another's account? This would be for both my wife and my mother (I am the joint owner on all non-qualified accounts).
You need to fill out the agent authorization form, agent signs it, and owner gets notarized signature and signature of two witnesses. Then of course mail it to Vanguard.

Kevin
If you don't need complete access it can be done all online pretty quickly. I have it setup for my wife's account and able to do most things under my own account.

bagle
Posts: 45
Joined: Tue Feb 22, 2011 5:59 am

Re: Vanguard - You'll need to sign up for security codes soon

Post by bagle » Fri Jun 15, 2018 8:41 am

Will the security code only be texted to cell phones, or will it also be sent to an email address?

ResearchMed
Posts: 6425
Joined: Fri Dec 26, 2008 11:25 pm

Re: Vaguard - You'll need to sign up for security codes soon

Post by ResearchMed » Fri Jun 15, 2018 8:47 am

jalbert wrote:
Thu Jun 14, 2018 3:07 am
Would being an authorized agent on another's account be sort of like being a joint owner?
It is more like being a power of attorney. Being a joint owner is another way to get authorized access, but it imparts ownership rights as well, and there are no joint IRAs to my knowledge.

Once someone is authorized to manage someone else’s account it will show up in their online sessions.

If you use someone else’s login and password, even if that person wishes for you to do so, it violates Vanguard’s acceptable-use policy and may weaken the protections you are accorded if the account is breached.

Login credentials not only are used to ensure authorized access to an account, but also for entries in an audit trail of usage. If you use someone else’s login, the audit trail no longer reflects the usage.
[Emphasis added]

Unfortunately, it is NOT always the case that when one is a fully authorized user (per Vanguard's own forms, etc.), that the agent will *see* online access when logged in as agent.

At least for some (maybe all?) 403b accounts, there is NO POSSIBLE ONLINE ACCESS for the fully authorized agent.
Nothing can be seen when logged in properly *as agent*.

The ONLY way even to know that the money is even still there? CALL Vanguard, and have customer service READ VERBALLY whatever/everything the agent wants to know.

Need to verify balance on every holding? CALL and have them READ each and every holding and balance. Need to make sure that dividends/cap gains have arrived properly for each holding? Need to check that the VERBAL buy/sell/exchange order was properly executed? Need to check that each new contribution was deposited properly?
Call.
The agent is free to write each holding and amount down, obviously, but that won't help the agent "see" if other deposits arrived later, or if any exchanges were done properly, etc...
... unless the agent CALLS again and has whatever one needs read verbally to him/her.

Vanguard is fully aware of this and apparently has no plans to give the agent in such 403b accounts proper online access (not even for viewing/monitoring, which would minimally be adequate).

RM
This signature is a placebo. You are in the control group.

FlyingMoose
Posts: 370
Joined: Wed Mar 04, 2009 10:48 pm

Re: Vaguard - You'll need to sign up for security codes soon

Post by FlyingMoose » Fri Jun 15, 2018 9:46 am

Mel Lindauer wrote:
Thu Jun 14, 2018 9:48 pm
FlyingMoose wrote:
Wed Jun 13, 2018 4:36 pm
I use MagicJack. It receives messages fine from my friends, but the ones from Vanguard never arrive. I guess I’ll have to figure something else out...
MagicJack recently instituted a robo call/spam filter. The phone rings and then the software asks the caller to push a specific random number. Non-human callers (like Vanguard's call) can't respond and thus don't get put through.
I am referring to SMS text messages, not phone calls.

Post Reply