Higher levels of security

Non-investing personal finance issues including insurance, credit, real estate, taxes, employment and legal issues such as trusts and wills
Post Reply
User avatar
Topic Author
tc101
Posts: 3256
Joined: Tue Feb 20, 2007 3:18 pm
Location: Atlanta - Retired in 2004 at age 54

Higher levels of security

Post by tc101 » Tue Jan 14, 2020 11:07 am

Most of my money is at Vanguard, but I also have accounts at Schwab, Fidelity and Ally. What do you do to get higher levels of security at any of these institutions?
. | The most important thing you should know about me is that I am not an expert.

User avatar
simplesimon
Posts: 3449
Joined: Mon Feb 25, 2008 8:53 pm
Location: Boston, MA

Re: Higher levels of security

Post by simplesimon » Tue Jan 14, 2020 11:11 am

Go to account settings or account maintenance and turn on two-factor authentication.

After that, each time you log in you'll be texted or emailed a four to six digit number to enter and verify before getting access to your accounts.

GmanJeff
Posts: 554
Joined: Sun Jun 11, 2017 7:12 am

Re: Higher levels of security

Post by GmanJeff » Tue Jan 14, 2020 12:53 pm

As SS says above, use multifactor authentication on your accounts.

Also, adopt other good cyber hygiene practices - don't log in from untrusted networks such as public wi-fi, use a firewall, use updated antivirus and advanced malware detection software, don't fall for phishing, use complex passwords, etc.

User avatar
Topic Author
tc101
Posts: 3256
Joined: Tue Feb 20, 2007 3:18 pm
Location: Atlanta - Retired in 2004 at age 54

Re: Higher levels of security

Post by tc101 » Wed Jan 15, 2020 9:07 am

Do they have multi factor authentication at Ally? If so, I can't find it.
. | The most important thing you should know about me is that I am not an expert.

User avatar
Phineas J. Whoopee
Posts: 9033
Joined: Sun Dec 18, 2011 6:18 pm

Re: Higher levels of security

Post by Phineas J. Whoopee » Wed Jan 15, 2020 4:38 pm

tc101 wrote:
Wed Jan 15, 2020 9:07 am
Do they have multi factor authentication at Ally? If so, I can't find it.
It doesn't seem to be possible to copy the link for you, but when I went to Ally's website and used the search function for authentication it was the top result.

PJW

Hockey10
Posts: 667
Joined: Wed Aug 24, 2016 12:20 pm
Location: Philadelphia suburbs

Re: Higher levels of security

Post by Hockey10 » Wed Jan 15, 2020 5:16 pm

Fidelity offers the Symantec VIP Access app for 2FA. This provides a 6 digit code that changes each 30 seconds. This has worked well for me for many years.

RetiredAL
Posts: 515
Joined: Tue Jun 06, 2017 12:09 am
Location: SF Bay Area

Re: Higher levels of security

Post by RetiredAL » Wed Jan 15, 2020 5:26 pm

Recently, USAA forced 2FA onto me. I personally hate it.

User avatar
AerialWombat
Posts: 1024
Joined: Tue May 29, 2018 1:07 pm

Re: Higher levels of security

Post by AerialWombat » Wed Jan 15, 2020 5:39 pm

I recently signed up for a VPN service called SurfShark, and am running it on both my laptop and phone. I’ve convinced myself that its “better than nothing” since I am currently living on the road and relying on public wi-fi for all Internet access.
“Life doesn’t come with a warranty.” -Michael LeBoeuf

User avatar
Topic Author
tc101
Posts: 3256
Joined: Tue Feb 20, 2007 3:18 pm
Location: Atlanta - Retired in 2004 at age 54

Re: Higher levels of security

Post by tc101 » Wed Jan 15, 2020 7:15 pm

Vanguard has two options - I chose this one:

"Only when Vanguard doesn't recognize my computer or device.
During logon, you have the option for us to remember (or recognize) the computer or device that you're using to access your accounts. We won't prompt you to enter your security code on computers or devices that we recognize if you choose this frequency. For your protection, we will send you a security code and ask you to enter it when you log on from a computer or device that we don't recognize."

I could have chosen the security code every time I log in, but is that necessary?
. | The most important thing you should know about me is that I am not an expert.

User avatar
Topic Author
tc101
Posts: 3256
Joined: Tue Feb 20, 2007 3:18 pm
Location: Atlanta - Retired in 2004 at age 54

Re: Higher levels of security

Post by tc101 » Wed Jan 15, 2020 7:17 pm

Same thing with Ally. They were already set up to do it when I log in from a computer they don't recognize. Isn't this good enough?
. | The most important thing you should know about me is that I am not an expert.

HawkeyePierce
Posts: 863
Joined: Tue Mar 05, 2019 10:29 pm
Location: Colorado

Re: Higher levels of security

Post by HawkeyePierce » Wed Jan 15, 2020 7:36 pm

AerialWombat wrote:
Wed Jan 15, 2020 5:39 pm
I recently signed up for a VPN service called SurfShark, and am running it on both my laptop and phone. I’ve convinced myself that its “better than nothing” since I am currently living on the road and relying on public wi-fi for all Internet access.
A VPN is *worse* than nothing. There’s usually no way to know who actually runs the VPN and you have zero guarantee of their security. It’s a false sense of security that only serves to open up more attack vectors.

HTTPS already provides everything people *think* they want from a VPN.

User avatar
Phineas J. Whoopee
Posts: 9033
Joined: Sun Dec 18, 2011 6:18 pm

Re: Higher levels of security

Post by Phineas J. Whoopee » Wed Jan 15, 2020 7:37 pm

Yes, tc101, with respect to security it's good enough. Your computer, which they recognize, is something you have. The three factors are something you know, something you have, and something you are. Any two are far more secure than just one.

Personally I feel better seeing the mechanism work each time, but that's a psychological preference, not a security one.

Before I go to bed I check to make sure I locked my door.

PJW

User avatar
AAA
Posts: 1224
Joined: Sat Jan 12, 2008 8:56 am

Re: Higher levels of security

Post by AAA » Wed Jan 15, 2020 8:07 pm

tc101 wrote:
Wed Jan 15, 2020 7:15 pm
Vanguard has two options - I chose this one:

"Only when Vanguard doesn't recognize my computer or device.
During logon, you have the option for us to remember (or recognize) the computer or device that you're using to access your accounts.
What is it about the computer that Vanguard is remembering/recognizing?

User avatar
AerialWombat
Posts: 1024
Joined: Tue May 29, 2018 1:07 pm

Re: Higher levels of security

Post by AerialWombat » Wed Jan 15, 2020 8:26 pm

HawkeyePierce wrote:
Wed Jan 15, 2020 7:36 pm
AerialWombat wrote:
Wed Jan 15, 2020 5:39 pm
I recently signed up for a VPN service called SurfShark, and am running it on both my laptop and phone. I’ve convinced myself that its “better than nothing” since I am currently living on the road and relying on public wi-fi for all Internet access.
A VPN is *worse* than nothing. There’s usually no way to know who actually runs the VPN and you have zero guarantee of their security. It’s a false sense of security that only serves to open up more attack vectors.

HTTPS already provides everything people *think* they want from a VPN.
Well, drat. :oops:
“Life doesn’t come with a warranty.” -Michael LeBoeuf

User avatar
Phineas J. Whoopee
Posts: 9033
Joined: Sun Dec 18, 2011 6:18 pm

Re: Higher levels of security

Post by Phineas J. Whoopee » Wed Jan 15, 2020 8:44 pm

AAA wrote:
Wed Jan 15, 2020 8:07 pm
tc101 wrote:
Wed Jan 15, 2020 7:15 pm
Vanguard has two options - I chose this one:

"Only when Vanguard doesn't recognize my computer or device.
During logon, you have the option for us to remember (or recognize) the computer or device that you're using to access your accounts.
What is it about the computer that Vanguard is remembering/recognizing?
Probably a cookie. In the past, maybe in the present, it was possible to do it more stealthily via Adobe Flash. I don't know whether that's the case anymore.

It's why, when people have trouble logging in to some site, the advice often begins with clear your cookies and clear your cache.

There's this weird thing about recognizing IP addresses, but they can be set manually, at least on computers the sysadmin has total control over, but that's less common these days. There's also a danger of choosing an IP address somebody else is using.

Empirically one can remotely, without cheating, identify so much about a particular computer that most of the time it can be associated with a single individual, even if the user's identity is unknown.

As an additional note, Voice over Internet Protocol, VOIP, has made it trivially easy to spoof a caller ID number.

Maybe we should be careful what interconnectivity and interoperability we wish for.

PJW

User avatar
AAA
Posts: 1224
Joined: Sat Jan 12, 2008 8:56 am

Re: Higher levels of security

Post by AAA » Thu Jan 16, 2020 12:23 pm

Phineas J. Whoopee wrote:
Wed Jan 15, 2020 8:44 pm
AAA wrote:
Wed Jan 15, 2020 8:07 pm
tc101 wrote:
Wed Jan 15, 2020 7:15 pm
Vanguard has two options - I chose this one:

"Only when Vanguard doesn't recognize my computer or device.
During logon, you have the option for us to remember (or recognize) the computer or device that you're using to access your accounts.
What is it about the computer that Vanguard is remembering/recognizing?
Probably a cookie.
I clear browser history after every time that I enter any personal information such as passwords and credit card numbers, so I guess this Vanguard option wouldn't be very useful for me.

User avatar
Phineas J. Whoopee
Posts: 9033
Joined: Sun Dec 18, 2011 6:18 pm

Re: Higher levels of security

Post by Phineas J. Whoopee » Thu Jan 16, 2020 8:55 pm

AAA wrote:
Thu Jan 16, 2020 12:23 pm
Phineas J. Whoopee wrote:
Wed Jan 15, 2020 8:44 pm
AAA wrote:
Wed Jan 15, 2020 8:07 pm
tc101 wrote:
Wed Jan 15, 2020 7:15 pm
Vanguard has two options - I chose this one:

"Only when Vanguard doesn't recognize my computer or device.
During logon, you have the option for us to remember (or recognize) the computer or device that you're using to access your accounts.
What is it about the computer that Vanguard is remembering/recognizing?
Probably a cookie.
I clear browser history after every time that I enter any personal information such as passwords and credit card numbers, so I guess this Vanguard option wouldn't be very useful for me.
I do the same, with Firefox. I have it set up to delete all that stuff every time it exits - always behave as if in private mode. I simply made it a habit to exit the application every time I finish using a website. That way I don't have to try to remember whether it's necessary or not.

PJW

ARoseByAnyOtherName
Posts: 481
Joined: Wed Apr 26, 2017 12:03 am

Re: Higher levels of security

Post by ARoseByAnyOtherName » Fri Jan 17, 2020 1:18 am

tc101 wrote:
Tue Jan 14, 2020 11:07 am
Most of my money is at Vanguard, but I also have accounts at Schwab, Fidelity and Ally. What do you do to get higher levels of security at any of these institutions?
What do you mean by “higher levels of security“?

What are you trying to accomplish?

twr
Posts: 9
Joined: Fri Jan 17, 2020 1:08 am

Re: Higher levels of security

Post by twr » Fri Jan 17, 2020 1:33 am

As others have stated above, 2FA (two-factor authentication) is the easiest and most secure thing you can do to harden your accounts.

Your choice of web browser is important as well, as some browsers are "better" at security than others. For instance, Firefox recently announced multi-account containers, which let you "[...]separate your work, shopping or personal browsing without having to clear your history, log in and out, or use multiple browsers."

Probably most important of all is to be observant of your digital surroundings. The most effective hacks happen via social engineering rather than security vulnerabilities. Don't click suspicious links, never give out personal details to a financial institution unless YOU call them, and if your gut tells you something doesn't feel right, it most likely isn't.

Stay safe out there!

User avatar
Phineas J. Whoopee
Posts: 9033
Joined: Sun Dec 18, 2011 6:18 pm

Re: Higher levels of security

Post by Phineas J. Whoopee » Fri Jan 17, 2020 5:41 pm

Thank you twr. That's valuable information. Welcome to the forum.
PJW

Silence Dogood
Posts: 1240
Joined: Tue Feb 01, 2011 9:22 pm

Re: Higher levels of security

Post by Silence Dogood » Fri Jan 17, 2020 8:03 pm

I use a Firefox add-on called Cookie AutoDelete.

This add-on automatically deletes the cookies of websites I visit expect for those that I have white-listed.

Silence Dogood
Posts: 1240
Joined: Tue Feb 01, 2011 9:22 pm

Re: Higher levels of security

Post by Silence Dogood » Fri Jan 17, 2020 8:08 pm

tc101 wrote:
Tue Jan 14, 2020 11:07 am
Most of my money is at Vanguard, but I also have accounts at Schwab, Fidelity and Ally. What do you do to get higher levels of security at any of these institutions?
I posted this recently in another thread, but it applies here as well:
Silence Dogood wrote:
Wed Jan 15, 2020 5:44 pm
My Vanguard account is set up so that I can only log on from a recognized device (only my home computer is recognized).

My account is set up so that two-factor authentication is required each time I log on (regardless of the fact that my computer is already recognized).

I use a unique, complex, randomly-generated password that is changed periodically.

I have account activity alerts set up - I should be alerted to any activity via both e-mail and SMS.

I log on whenever I get a new statement or tax form. I download each statement/tax form and, after careful review, save them to my hard drive. I periodically back up my main hard drive to a backup hard drive.

I never click on any links to access my account.

twr
Posts: 9
Joined: Fri Jan 17, 2020 1:08 am

Re: Higher levels of security

Post by twr » Thu Jan 23, 2020 4:25 pm

Phineas J. Whoopee wrote:
Fri Jan 17, 2020 5:41 pm
Thank you twr. That's valuable information. Welcome to the forum.
PJW
You’re welcome! And thanks for the warm welcome, glad to be joining such a great community.

KlangFool
Posts: 14688
Joined: Sat Oct 11, 2008 12:35 pm

Re: Higher levels of security

Post by KlangFool » Thu Jan 23, 2020 4:31 pm

tc101 wrote:
Tue Jan 14, 2020 11:07 am
Most of my money is at Vanguard, but I also have accounts at Schwab, Fidelity and Ally. What do you do to get higher levels of security at any of these institutions?
tc101,

I assumed that my account will be hacked eventually. Hence, I received alerts and monitored/downloaded the transactions from those accounts to Quicken regularly and re-verify the transactions.

KlangFool

Post Reply