Online savings account log in

[pb4uski]

Wells also requires 2FA every time. Often I have logged out then right back for something I forgot. Not a problem for me.

^^^ That's funny... I have an account with Wells Fargo and can't recall ever being asked for 2FA.

 

[Alan]

An EU directive now requires all banks to do 2FA every single time and that the 2FA has to use a physical token or authentication app, no sms text message or code sent by email. I have now become accustomed to using 2FA every time I log into my UK bank online. I find I use the bank app much more than I ever used to, as no effort other than Face ID is needed and I can pay bills, set up new payees etc very easily with the app.

My US bank and Vanguard still only require 2FA the first time logging in from a new device.

 

[MichaelB]

An EU directive now requires all banks to do 2FA every single time and that the 2FA has to use a physical token or authentication app, no sms text message or code sent by email. I have now become accustomed to using 2FA every time I log into my UK bank online. I find I use the bank app much more than I ever used to, as no effort other than Face ID is needed and I can pay bills, set up new payees etc very easily with the app.

My US bank and Vanguard still only require 2FA the first time logging in from a new device.

What happens if you lose your phone or it’s not handy?

 

[Dtail]

BOA has the double authentication for every login. Fidelity and Ally Bank does not, at least with me.

 

[imoldernu]

Frustrated with so many sign-ins/change passwords that I threatened to change my bank account.... until jeanie reminded me that our bank is only a few hundred yards from our house. Duh!!....

She does all the accounting/bill paying work, anyaway.

 

[rk911]

ya can't be too careful.

 

[Sunset]

What happens if you lose your phone or it’s not handy?

You will have a lot of trouble.

I've had to turn on my phone in a foreign country so I could do the sms text code to satisfy the 2FA.

 

[Spock]

* Things like Firefox containers will make it look like a new device every login.
* On sites that are serious about security and not compromising for convenience, enabling 2FA means using 2FA for every login. Otherwise whats the point?

 

[Alan]

What happens if you lose your phone or it’s not handy?

Then you have to call and go through your security questions to get access. I had to do this when getting a new phone a couple of years ago and messed up transferring my bank app from my old phone. The phone call includes voice recognition along with security question(s).

 

[pb4uski]

What happens if you lose your phone or it’s not handy?

Discover does include an option to send a code to email or call my home phone.

 

[Alan]

Discover does include an option to send a code to email or call my home phone.

Vanguard offers the same, fortunately, and I get a robotic voice speaking out the validation code.

 

[gwraigty]

Win 10 and latest version of Chrome, so yes.

This makes me wonder if Chrome has something to do with it. When I manually checked for updates yesterday, there was one. There was also an update right before I thought I'd fixed the Schwab problem.

 

[easysurfer]

* Things like Firefox containers will make it look like a new device every login.
* On sites that are serious about security and not compromising for convenience, enabling 2FA means using 2FA for every login. Otherwise whats the point?

I think there's a trade off between security and convenience. Always will be.

Since I'm the only person who has access to my PC and there really aren't other eyes looking over my shoulder, I have the PC set up to not have to enter my login each time. Surely, if someone was the break in and physically steal my PC, then yes, I should have had the PC password protected at each log in. But the chance is very low, so I prefer the convenience.

I think if 2FA was required for every login for the many accounts, that would be a big chore and more folks might choose not to use 2FA at all.

Just my 2 cents.

 

[OldShooter]

I think there's a trade off between security and convenience. Always will be. ...

+1

When DW was still working at the megabank we used to laugh about passwords. IIRC they were required to change PWD every three months, once used a PWD could not be reused, and every PWD had to comply with a bunch of rules about capitalization, special characters, and length.

The result was that she and all her troops kept track of their current passwords on yellow stickies kept under their keyboards. There was no other practical way.

 

[dixonge]

This makes me wonder if Chrome has something to do with it. When I manually checked for updates yesterday, there was one. There was also an update right before I thought I'd fixed the Schwab problem.

I can't swear to it, but I thought I noticed that new versions of browsers triggered this on several sites. USAA was one, not sure about Schwab. System updates, IP address changes, lots of things that make this rather impractical.