|
|
Different Identity Protection
09-11-2017, 07:46 PM
|
#1
|
Moderator
Join Date: Nov 2014
Posts: 9,171
|
Different Identity Protection
With all the Equifax discussion, I realized that the main thing I'm concerned about is someone wiping out my retirement accounts. I have three main accounts (Fidelity, ING and Schwab). Is there any way that I can freeze those accounts? I really wouldn't care how difficult I make it on myself (like having to present my ID at a branch) to ensure that someone doesn't transfer out the entire balance or even a significant portion of it. Is there a gold standard to force brokerage companies or banks to validate and be responsible to ensure it is me requesting a significant transaction with those accounts?
|
|
|
|
|
09-11-2017, 09:23 PM
|
#2
|
Thinks s/he gets paid by the post
Join Date: Mar 2017
Location: New York City
Posts: 2,838
|
Quote:
Originally Posted by Jerry1
With all the Equifax discussion, I realized that the main thing I'm concerned about is someone wiping out my retirement accounts. I have three main accounts (Fidelity, ING and Schwab). Is there any way that I can freeze those accounts? I really wouldn't care how difficult I make it on myself (like having to present my ID at a branch) to ensure that someone doesn't transfer out the entire balance or even a significant portion of it. Is there a gold standard to force brokerage companies or banks to validate and be responsible to ensure it is me requesting a significant transaction with those accounts?
|
Great, another thing to worry about.
__________________
Withdrawal Rate currently zero, Pension 137 % of our spending, Wasted 5 years of my prime working extra for a safe withdrawal rate. I can live like a King for a year, or a Prince for the rest of my life. I will stay on topic, I will stay on topic, I will stay on topic
|
|
|
09-11-2017, 09:46 PM
|
#3
|
Give me a museum and I'll fill it. (Picasso) Give me a forum ...
Join Date: Jan 2006
Location: Rio Grande Valley
Posts: 38,139
|
Quote:
Originally Posted by Jerry1
With all the Equifax discussion, I realized that the main thing I'm concerned about is someone wiping out my retirement accounts. I have three main accounts (Fidelity, ING and Schwab). Is there any way that I can freeze those accounts? I really wouldn't care how difficult I make it on myself (like having to present my ID at a branch) to ensure that someone doesn't transfer out the entire balance or even a significant portion of it. Is there a gold standard to force brokerage companies or banks to validate and be responsible to ensure it is me requesting a significant transaction with those accounts?
|
Talk with each brokerage about best practices to keep your accounts secure and what kinds of protection they provide. We use two-factor authentication at Fidelity where they send my phone a code to verify certain operations and access from unknown computer or overseas. Any orders generate instant emails. So I feel pretty secure.
I don't have a Vanguard account and my Schwab account is very small.
__________________
Retired since summer 1999.
|
|
|
09-11-2017, 09:58 PM
|
#4
|
Thinks s/he gets paid by the post
Join Date: Jun 2007
Posts: 2,657
|
Maybe. I had a problem with my username being easy to put in if you typo common words and my online brokerage account got "locked" from too many access attempts. When we cleared that up, they offered to leave on the "read-only" lock. I can view my account and I can make contributions, but I cannot sell anything or take any distributions without a lengthy proof of identity process. This was great for many years during accumulation until I finally had to rebalance and had to turn it off. I'm strongly considering requesting the lock be put back in place.
|
|
|
09-12-2017, 04:51 AM
|
#5
|
Give me a museum and I'll fill it. (Picasso) Give me a forum ...
Join Date: Dec 2008
Location: On a hill in the Pine Barrens
Posts: 9,719
|
Quote:
Originally Posted by Jerry1
With all the Equifax discussion, I realized that the main thing I'm concerned about is someone wiping out my retirement accounts. I have three main accounts (Fidelity, ING and Schwab). Is there any way that I can freeze those accounts? I really wouldn't care how difficult I make it on myself (like having to present my ID at a branch) to ensure that someone doesn't transfer out the entire balance or even a significant portion of it. Is there a gold standard to force brokerage companies or banks to validate and be responsible to ensure it is me requesting a significant transaction with those accounts?
|
Each company will have separate approaches to how they implement security. The approach is based on what security standards are required in the industry, and additional policy the company feels is necessary. With Schwab I use the Symantec VIP token they provided.
You'll have to speak with each company to find out what additional precautions you can take.
|
|
|
09-12-2017, 05:12 AM
|
#6
|
Give me a museum and I'll fill it. (Picasso) Give me a forum ...
Join Date: Mar 2011
Posts: 8,410
|
I use TRPrice but I'd imagine all the major and minor players give you the option of getting an email/text the second that a change, withdrawal or money movement takes place.
I'm usually still online with them when I get a text telling me that I've made a withdrawal, password change etc.
__________________
Living well is the best revenge!
Retired @ 52 in 2005
|
|
|
09-12-2017, 05:50 AM
|
#7
|
Thinks s/he gets paid by the post
Join Date: Mar 2015
Location: philly
Posts: 1,219
|
Quote:
Originally Posted by Blue Collar Guy
Great, another thing to worry about.
|
Blue, I'm starting to feel like retirement takes more energy than working.
__________________
My darling girl, when are you going to realize that being "normal" is not necessarily a virtue? it sometimes rather denotes a lack of courage~Aunt Francis
|
|
|
09-12-2017, 06:52 AM
|
#8
|
Recycles dryer sheets
Join Date: Jun 2011
Location: W Colorado
Posts: 481
|
Having been in the biz, you can request that all withdrawals be done in writing with a signature guarantee. Also adding the text and e-mail notifications for all changes (passwords, withdrawals, address, etc.) can help.
|
|
|
09-12-2017, 08:46 AM
|
#9
|
Thinks s/he gets paid by the post
Join Date: Jul 2011
Posts: 1,288
|
The two factor as suggested above is a good idea. I would like to see 2-factor be generated by a separate device, like the Symantec VIP token. I use Yubikey for some programs.
The other thing not mentioned yet (or I missed it) is the regular changing of passwords. Once your password is changed, it could obsolete your data. And, I would use one of the password generators that have been suggested on other posts. I use KeePass on a thumb drive outside of the cloud, with a backup thumb drive. It feels better that it is not online.
The more you change your passwords, the shorter the time someone has to decipher your information. The more sophisticated the password, it seems like the longer it will take.
Having said all this, if a thief has enough information about you and knows how to leverage it with the financial site, they may be able to get inside. At least this is my impression. The balance of finding a way to let ourselves back in (if we forget a password for example) and preventing a crook, seems to be a balance.
|
|
|
09-12-2017, 09:31 AM
|
#10
|
Give me a museum and I'll fill it. (Picasso) Give me a forum ...
Join Date: May 2013
Location: Les Bois
Posts: 5,761
|
Quote:
Originally Posted by Jerry1
With all the Equifax discussion, I realized that the main thing I'm concerned about is someone wiping out my retirement accounts. I have three main accounts (Fidelity, ING and Schwab). Is there any way that I can freeze those accounts? I really wouldn't care how difficult I make it on myself (like having to present my ID at a branch) to ensure that someone doesn't transfer out the entire balance or even a significant portion of it. Is there a gold standard to force brokerage companies or banks to validate and be responsible to ensure it is me requesting a significant transaction with those accounts?
|
I requested a token ring and incorporated a verbal password.
__________________
You can't be a retirement plan actuary without a retirement plan, otherwise you lose all credibility...
|
|
|
09-12-2017, 09:51 AM
|
#11
|
Thinks s/he gets paid by the post
Join Date: Jun 2004
Location: Diablo Valley (SF Bay Area)
Posts: 2,705
|
I've got the "at Schwab my voice is my password"
|
|
|
09-12-2017, 10:27 AM
|
#12
|
Thinks s/he gets paid by the post
Join Date: Apr 2005
Location: Midwest
Posts: 2,969
|
Quote:
Originally Posted by Blue Collar Guy
Great, another thing to worry about.
|
ANOTHER thing? That's the first thing I thought of. All the other things are the "Other Things"
|
|
|
09-12-2017, 10:37 AM
|
#13
|
Recycles dryer sheets
Join Date: Dec 2013
Posts: 174
|
We presently use two factor authentication with Vanguard for unknown computers, but seriously considering having Vanguard send me an access code via text every time we try to sign on.
|
|
|
09-12-2017, 10:40 AM
|
#14
|
Give me a museum and I'll fill it. (Picasso) Give me a forum ...
Join Date: Aug 2011
Location: West of the Mississippi
Posts: 17,259
|
Quote:
Originally Posted by audreyh1
We use two-factor authentication at Fidelity where they send my phone a code to verify certain operations and access from unknown computer or overseas. Any orders generate instant emails. So I feel pretty secure.
|
The instant emails are good.
The phone code is not. Unfortunately, the phone companies make it all too easy for an imposter to say "Hi, I'm Prunella and my phone fell off a 1200 foot cliff while I was hiking in Wyoming. Can you give me a new sim card for my new phone and port my existing number to it?" Once they have ported your number to their phone, they have what they need to neutralize your 2FA. They will quickly change passwords to lock you out of your various accounts and proceed to make your life miserable.
What you need is a time based random code generator like Google Authenticator (there are others also) or an actual device like a Yubikey.
__________________
Comparison is the thief of joy
The worst decisions are usually made in times of anger and impatience.
|
|
|
09-12-2017, 01:26 PM
|
#15
|
Give me a museum and I'll fill it. (Picasso) Give me a forum ...
Join Date: Jun 2008
Posts: 13,143
|
Quote:
Originally Posted by Chuckanut
....
What you need is a time based random code generator like Google Authenticator (there are others also) or an actual device like a Yubikey.
|
I'm up to a count of 7 now for my new hobby of collecting QR codes for my random code generator.
__________________
Have you ever seen a headstone with these words
"If only I had spent more time at work" ... from "Busy Man" sung by Billy Ray Cyrus
|
|
|
09-12-2017, 07:42 PM
|
#16
|
Give me a museum and I'll fill it. (Picasso) Give me a forum ...
Join Date: Jan 2006
Location: Rio Grande Valley
Posts: 38,139
|
Quote:
Originally Posted by Chuckanut
The instant emails are good.
The phone code is not. Unfortunately, the phone companies make it all too easy for an imposter to say "Hi, I'm Prunella and my phone fell off a 1200 foot cliff while I was hiking in Wyoming. Can you give me a new sim card for my new phone and port my existing number to it?" Once they have ported your number to their phone, they have what they need to neutralize your 2FA. They will quickly change passwords to lock you out of your various accounts and proceed to make your life miserable.
What you need is a time based random code generator like Google Authenticator (there are others also) or an actual device like a Yubikey.
|
They would have to successfully log into my account as well as figure out which phone I was using and replace my phone.
__________________
Retired since summer 1999.
|
|
|
09-12-2017, 08:32 PM
|
#17
|
Moderator
Join Date: Nov 2014
Posts: 9,171
|
Quote:
Originally Posted by growing_older
Maybe. I had a problem with my username being easy to put in if you typo common words and my online brokerage account got "locked" from too many access attempts. When we cleared that up, they offered to leave on the "read-only" lock. I can view my account and I can make contributions, but I cannot sell anything or take any distributions without a lengthy proof of identity process. This was great for many years during accumulation until I finally had to rebalance and had to turn it off. I'm strongly considering requesting the lock be put back in place.
|
Quote:
Originally Posted by pjm-7
Having been in the biz, you can request that all withdrawals be done in writing with a signature guarantee. Also adding the text and e-mail notifications for all changes (passwords, withdrawals, address, etc.) can help.
|
DW is going to call them tomorrow, but the "in writing with a signature guarantee" is the kind of thing I'm looking for. I also like the "read-only" lock. The need to take distributions is zero right now and I want the accounts locked down. Three accounts represent more than 70% of my accumulated investments (401k's) and about 60% of my net worth. Losing any one of them would be more than painful and losing all of them, no matter how unlikely, would be devastating. I'm willing to jump through some hoops to keep that from happening.
Thanks for the input.
|
|
|
09-12-2017, 08:48 PM
|
#18
|
Moderator Emeritus
Join Date: Apr 2011
Location: Conroe, Texas
Posts: 18,727
|
Quote:
Originally Posted by audreyh1
They would have to successfully log into my account as well as figure out which phone I was using and replace my phone.
|
Not only which phone, but also which carrier. And some phones don't use SIM cards.
__________________
*********Go Yankees!*********
|
|
|
09-13-2017, 01:18 PM
|
#19
|
Give me a museum and I'll fill it. (Picasso) Give me a forum ...
Join Date: Aug 2004
Location: Laurel, MD
Posts: 8,327
|
Quote:
Originally Posted by Chuckanut
The instant emails are good.
The phone code is not. Unfortunately, the phone companies make it all too easy for an imposter to say "Hi, I'm Prunella and my phone fell off a 1200 foot cliff while I was hiking in Wyoming. Can you give me a new sim card for my new phone and port my existing number to it?" Once they have ported your number to their phone, they have what they need to neutralize your 2FA. They will quickly change passwords to lock you out of your various accounts and proceed to make your life miserable.
What you need is a time based random code generator like Google Authenticator (there are others also) or an actual device like a Yubikey.
|
I saw you posted about this in another thread without this additional detail. The way it works for me is a one time temporary PIN is sent via text to my cellphone. It expires if not used within a short period. Changes to permanent PW, username, cellphone, etc generate a notice to my email account. It doesn't seem to be as insecure as you suggest for this reason as well as reasons cited by Audrey1.
__________________
...with no reasonable expectation for ER, I'm just here auditing the AP class. Retired 8/1/15.
|
|
|
09-15-2017, 07:07 PM
|
#20
|
gone traveling
Join Date: Feb 2008
Posts: 510
|
Quote:
Originally Posted by Chuckanut
The instant emails are good.
What you need is a time based random code generator like Google Authenticator (there are others also) or an actual device like a Yubikey.
|
Why/how are instant emails better than a text to a phone? The crooks got my email from Equifax, I'm sure, so if the same email address is linked to my Vanguard account, can they get into my inbox and get anything they need?
I think I'll soon start another thread because all the info I've read so far makes my head hurt and I don't know where to start.
|
|
|