generallyspeaking wrote: ↑Wed Apr 17, 2019 6:00 pm
A few folks on this thread have pointed out that other services (like banks and brokerages) have the same amount of data as PC. While this is true, we also have limited options. We all need banks and brokerages - there's no getting around it.
However, I would personally want to reduce the number of services which have my data and information. PC is just not useful enough for me to risk my funds in any capacity (it also looks like companies like Fidelity don't guarantee losses if you share your credentials:
https://www.fidelity.com/security/custo ... -guarantee)
"If you grant authority to, or share your Fidelity account access credentials or information with, any persons or entities, their activity will be considered authorized by you."
With that definition anyone using a password manager like Lastpass or Dashlane would also not be covered.
Read the the fine print of the guarantee:
https://wps.retire.fidelity.com/Securit ... Login.html
"Fidelity will determine the type and amount of reimbursement, including whether to replace the securities in your account that were taken, and may seek restitution for reimbursements made under this guarantee from the person(s) or entity that committed the unauthorized activity. We may not provide reimbursement if you are reimbursed, or eligible for reimbursement or other coverage, by others for the unauthorized transactions; for example, by your insurance company.
Fidelity may ask that you assign to it certain rights you may have regarding your loss and to sign a release form as a condition of reimbursement. You may not assign your rights under the guarantee to any other individual or party."
You are relying on Fidelity to be the sole arbitrator of whether you are eligible for any reimbursement and how much. I think the "guarantee" is a slick piece of advertising and should not be confused with real protection like FDIC on a bank account.
If people want to crack into any of my financial accounts they have to either guess my lastpass login/password and defeat the two factor authentication or guess the lastpass generated password for that account like W0#4*^Gd#YT6. They also have to take over my main email account which is protected by 2FA (login/password unique and not in Lastpass) because the brokerage will send an email notifying me of any transaction/password changes. Lastly I have Mint which shows all my linked accounts and transactions and which I regularly check.
There are benefits to having linked accounts: it's much harder for a crook to steal money from one if it triggers multiple notifications that alert the owner.