Author Topic: Brokerage Login Security  (Read 577 times)

GreenEggs

  • Handlebar Stache
  • *****
  • Posts: 1131
  • Location: Here & There
Brokerage Login Security
« on: November 10, 2019, 07:57:37 AM »
What security measures does your broker use to ensure customer login security?


My Vanguard account uses the normal username & password and also a text authentication code.  Is that enough? 


I've heard SIM card hacking is a threat, so I'm looking for more better options or additional layers of protection. 


Any good ideas?

efree

  • 5 O'Clock Shadow
  • *
  • Posts: 64
  • Location: Europe
    • My blog about P2P lending
Re: Brokerage Login Security
« Reply #1 on: November 10, 2019, 12:26:16 PM »
I think it's good to be security-conscious but you shouldn't be paranoid. The most important thing is your password - it should be long (at least 10-12 characters) and impossible to guess. Nowadays serious institutions don't store passwords in their database, they only store hash values, so even if there's a security breach your password should be safe.

I also use a password manager (LastPass). That way I don't have to remember all my long and difficult passwords. I don't use two-factor authentication unless it's required because I don't think anyone's out to get me. In my opinion, a strong password is enough.

shinn497

  • Bristles
  • ***
  • Posts: 391
Re: Brokerage Login Security
« Reply #2 on: November 10, 2019, 06:08:30 PM »
You should be using 2FA. Authenticator based 2FA

Travis

  • Magnum Stache
  • ******
  • Posts: 3129
  • Location: South Korea
Re: Brokerage Login Security
« Reply #3 on: November 10, 2019, 06:43:25 PM »
My Vanguard account uses the normal username & password and also a text authentication code.  Is that enough? 

That's pretty much the industry standard right now. All my brokerage and bank sites have transitioned to it. 

Additional tips:
Long passwords
Don't do personal business on public computers or public network connections
Don't use your computer's admin profile for personal business, create a separate profile
Don't click on links in emails
If the email seems phishy ignore it. Call them or manually go to their website if you think there's a concern.