Higher levels of security

Non-investing personal finance issues including insurance, credit, real estate, taxes, employment and legal issues such as trusts and wills
Post Reply
User avatar
Topic Author
tc101
Posts: 3249
Joined: Tue Feb 20, 2007 3:18 pm
Location: Atlanta - Retired in 2004 at age 54

Higher levels of security

Post by tc101 » Tue Jan 14, 2020 11:07 am

Most of my money is at Vanguard, but I also have accounts at Schwab, Fidelity and Ally. What do you do to get higher levels of security at any of these institutions?
. | The most important thing you should know about me is that I am not an expert.

User avatar
simplesimon
Posts: 3441
Joined: Mon Feb 25, 2008 8:53 pm
Location: Boston, MA

Re: Higher levels of security

Post by simplesimon » Tue Jan 14, 2020 11:11 am

Go to account settings or account maintenance and turn on two-factor authentication.

After that, each time you log in you'll be texted or emailed a four to six digit number to enter and verify before getting access to your accounts.

GmanJeff
Posts: 548
Joined: Sun Jun 11, 2017 7:12 am

Re: Higher levels of security

Post by GmanJeff » Tue Jan 14, 2020 12:53 pm

As SS says above, use multifactor authentication on your accounts.

Also, adopt other good cyber hygiene practices - don't log in from untrusted networks such as public wi-fi, use a firewall, use updated antivirus and advanced malware detection software, don't fall for phishing, use complex passwords, etc.

User avatar
Topic Author
tc101
Posts: 3249
Joined: Tue Feb 20, 2007 3:18 pm
Location: Atlanta - Retired in 2004 at age 54

Re: Higher levels of security

Post by tc101 » Wed Jan 15, 2020 9:07 am

Do they have multi factor authentication at Ally? If so, I can't find it.
. | The most important thing you should know about me is that I am not an expert.

User avatar
Phineas J. Whoopee
Posts: 8989
Joined: Sun Dec 18, 2011 6:18 pm

Re: Higher levels of security

Post by Phineas J. Whoopee » Wed Jan 15, 2020 4:38 pm

tc101 wrote:
Wed Jan 15, 2020 9:07 am
Do they have multi factor authentication at Ally? If so, I can't find it.
It doesn't seem to be possible to copy the link for you, but when I went to Ally's website and used the search function for authentication it was the top result.

PJW

Hockey10
Posts: 654
Joined: Wed Aug 24, 2016 12:20 pm
Location: Philadelphia suburbs

Re: Higher levels of security

Post by Hockey10 » Wed Jan 15, 2020 5:16 pm

Fidelity offers the Symantec VIP Access app for 2FA. This provides a 6 digit code that changes each 30 seconds. This has worked well for me for many years.

RetiredAL
Posts: 504
Joined: Tue Jun 06, 2017 12:09 am
Location: SF Bay Area

Re: Higher levels of security

Post by RetiredAL » Wed Jan 15, 2020 5:26 pm

Recently, USAA forced 2FA onto me. I personally hate it.

User avatar
AerialWombat
Posts: 980
Joined: Tue May 29, 2018 1:07 pm

Re: Higher levels of security

Post by AerialWombat » Wed Jan 15, 2020 5:39 pm

I recently signed up for a VPN service called SurfShark, and am running it on both my laptop and phone. I’ve convinced myself that its “better than nothing” since I am currently living on the road and relying on public wi-fi for all Internet access.
“Life doesn’t come with a warranty.” -Michael LeBoeuf

User avatar
Topic Author
tc101
Posts: 3249
Joined: Tue Feb 20, 2007 3:18 pm
Location: Atlanta - Retired in 2004 at age 54

Re: Higher levels of security

Post by tc101 » Wed Jan 15, 2020 7:15 pm

Vanguard has two options - I chose this one:

"Only when Vanguard doesn't recognize my computer or device.
During logon, you have the option for us to remember (or recognize) the computer or device that you're using to access your accounts. We won't prompt you to enter your security code on computers or devices that we recognize if you choose this frequency. For your protection, we will send you a security code and ask you to enter it when you log on from a computer or device that we don't recognize."

I could have chosen the security code every time I log in, but is that necessary?
. | The most important thing you should know about me is that I am not an expert.

User avatar
Topic Author
tc101
Posts: 3249
Joined: Tue Feb 20, 2007 3:18 pm
Location: Atlanta - Retired in 2004 at age 54

Re: Higher levels of security

Post by tc101 » Wed Jan 15, 2020 7:17 pm

Same thing with Ally. They were already set up to do it when I log in from a computer they don't recognize. Isn't this good enough?
. | The most important thing you should know about me is that I am not an expert.

HawkeyePierce
Posts: 837
Joined: Tue Mar 05, 2019 10:29 pm
Location: Colorado

Re: Higher levels of security

Post by HawkeyePierce » Wed Jan 15, 2020 7:36 pm

AerialWombat wrote:
Wed Jan 15, 2020 5:39 pm
I recently signed up for a VPN service called SurfShark, and am running it on both my laptop and phone. I’ve convinced myself that its “better than nothing” since I am currently living on the road and relying on public wi-fi for all Internet access.
A VPN is *worse* than nothing. There’s usually no way to know who actually runs the VPN and you have zero guarantee of their security. It’s a false sense of security that only serves to open up more attack vectors.

HTTPS already provides everything people *think* they want from a VPN.

User avatar
Phineas J. Whoopee
Posts: 8989
Joined: Sun Dec 18, 2011 6:18 pm

Re: Higher levels of security

Post by Phineas J. Whoopee » Wed Jan 15, 2020 7:37 pm

Yes, tc101, with respect to security it's good enough. Your computer, which they recognize, is something you have. The three factors are something you know, something you have, and something you are. Any two are far more secure than just one.

Personally I feel better seeing the mechanism work each time, but that's a psychological preference, not a security one.

Before I go to bed I check to make sure I locked my door.

PJW

User avatar
AAA
Posts: 1220
Joined: Sat Jan 12, 2008 8:56 am

Re: Higher levels of security

Post by AAA » Wed Jan 15, 2020 8:07 pm

tc101 wrote:
Wed Jan 15, 2020 7:15 pm
Vanguard has two options - I chose this one:

"Only when Vanguard doesn't recognize my computer or device.
During logon, you have the option for us to remember (or recognize) the computer or device that you're using to access your accounts.
What is it about the computer that Vanguard is remembering/recognizing?

User avatar
AerialWombat
Posts: 980
Joined: Tue May 29, 2018 1:07 pm

Re: Higher levels of security

Post by AerialWombat » Wed Jan 15, 2020 8:26 pm

HawkeyePierce wrote:
Wed Jan 15, 2020 7:36 pm
AerialWombat wrote:
Wed Jan 15, 2020 5:39 pm
I recently signed up for a VPN service called SurfShark, and am running it on both my laptop and phone. I’ve convinced myself that its “better than nothing” since I am currently living on the road and relying on public wi-fi for all Internet access.
A VPN is *worse* than nothing. There’s usually no way to know who actually runs the VPN and you have zero guarantee of their security. It’s a false sense of security that only serves to open up more attack vectors.

HTTPS already provides everything people *think* they want from a VPN.
Well, drat. :oops:
“Life doesn’t come with a warranty.” -Michael LeBoeuf

User avatar
Phineas J. Whoopee
Posts: 8989
Joined: Sun Dec 18, 2011 6:18 pm

Re: Higher levels of security

Post by Phineas J. Whoopee » Wed Jan 15, 2020 8:44 pm

AAA wrote:
Wed Jan 15, 2020 8:07 pm
tc101 wrote:
Wed Jan 15, 2020 7:15 pm
Vanguard has two options - I chose this one:

"Only when Vanguard doesn't recognize my computer or device.
During logon, you have the option for us to remember (or recognize) the computer or device that you're using to access your accounts.
What is it about the computer that Vanguard is remembering/recognizing?
Probably a cookie. In the past, maybe in the present, it was possible to do it more stealthily via Adobe Flash. I don't know whether that's the case anymore.

It's why, when people have trouble logging in to some site, the advice often begins with clear your cookies and clear your cache.

There's this weird thing about recognizing IP addresses, but they can be set manually, at least on computers the sysadmin has total control over, but that's less common these days. There's also a danger of choosing an IP address somebody else is using.

Empirically one can remotely, without cheating, identify so much about a particular computer that most of the time it can be associated with a single individual, even if the user's identity is unknown.

As an additional note, Voice over Internet Protocol, VOIP, has made it trivially easy to spoof a caller ID number.

Maybe we should be careful what interconnectivity and interoperability we wish for.

PJW

User avatar
AAA
Posts: 1220
Joined: Sat Jan 12, 2008 8:56 am

Re: Higher levels of security

Post by AAA » Thu Jan 16, 2020 12:23 pm

Phineas J. Whoopee wrote:
Wed Jan 15, 2020 8:44 pm
AAA wrote:
Wed Jan 15, 2020 8:07 pm
tc101 wrote:
Wed Jan 15, 2020 7:15 pm
Vanguard has two options - I chose this one:

"Only when Vanguard doesn't recognize my computer or device.
During logon, you have the option for us to remember (or recognize) the computer or device that you're using to access your accounts.
What is it about the computer that Vanguard is remembering/recognizing?
Probably a cookie.
I clear browser history after every time that I enter any personal information such as passwords and credit card numbers, so I guess this Vanguard option wouldn't be very useful for me.

User avatar
Phineas J. Whoopee
Posts: 8989
Joined: Sun Dec 18, 2011 6:18 pm

Re: Higher levels of security

Post by Phineas J. Whoopee » Thu Jan 16, 2020 8:55 pm

AAA wrote:
Thu Jan 16, 2020 12:23 pm
Phineas J. Whoopee wrote:
Wed Jan 15, 2020 8:44 pm
AAA wrote:
Wed Jan 15, 2020 8:07 pm
tc101 wrote:
Wed Jan 15, 2020 7:15 pm
Vanguard has two options - I chose this one:

"Only when Vanguard doesn't recognize my computer or device.
During logon, you have the option for us to remember (or recognize) the computer or device that you're using to access your accounts.
What is it about the computer that Vanguard is remembering/recognizing?
Probably a cookie.
I clear browser history after every time that I enter any personal information such as passwords and credit card numbers, so I guess this Vanguard option wouldn't be very useful for me.
I do the same, with Firefox. I have it set up to delete all that stuff every time it exits - always behave as if in private mode. I simply made it a habit to exit the application every time I finish using a website. That way I don't have to try to remember whether it's necessary or not.

PJW

ARoseByAnyOtherName
Posts: 461
Joined: Wed Apr 26, 2017 12:03 am

Re: Higher levels of security

Post by ARoseByAnyOtherName » Fri Jan 17, 2020 1:18 am

tc101 wrote:
Tue Jan 14, 2020 11:07 am
Most of my money is at Vanguard, but I also have accounts at Schwab, Fidelity and Ally. What do you do to get higher levels of security at any of these institutions?
What do you mean by “higher levels of security“?

What are you trying to accomplish?

twr
Posts: 1
Joined: Fri Jan 17, 2020 1:08 am

Re: Higher levels of security

Post by twr » Fri Jan 17, 2020 1:33 am

As others have stated above, 2FA (two-factor authentication) is the easiest and most secure thing you can do to harden your accounts.

Your choice of web browser is important as well, as some browsers are "better" at security than others. For instance, Firefox recently announced multi-account containers, which let you "[...]separate your work, shopping or personal browsing without having to clear your history, log in and out, or use multiple browsers."

Probably most important of all is to be observant of your digital surroundings. The most effective hacks happen via social engineering rather than security vulnerabilities. Don't click suspicious links, never give out personal details to a financial institution unless YOU call them, and if your gut tells you something doesn't feel right, it most likely isn't.

Stay safe out there!

Post Reply