24601NoMore
Thinks s/he gets paid by the post
- Joined
- Dec 8, 2015
- Messages
- 1,166
I have had phone call 2FA set up at Vanguard for years. I login and then receive a call on my home number which conveys the access code. I am not restricted to logging in with one computer.
I think you're also missing the point I was trying to make. Secure 2FA is something like Symantec VIP Access that generates a 6-digit random number, which FIDO (and AFAIK based on my reading, Schwab) offer. That number changes every 60 seconds and is based on your individual hardware - just like the old RSA tokens many of us used at w*rk.
VG does not "require" you restrict access to just one computer. It's an OPTIONAL security feature. Unfortunately, it often does not work. (VG's website randomly "forgets" your PC - presumably after a Windows or browser update or for some totally random reason). IF that happens to you (it's happened to me roughly 4 times in the past 4 months), you need to call in to have them allow any PC to login, and then reset to restricted PC access. It's basically a giant PITA.
The lack of true secure 2FA has been talked about on Bogleheads and elsewhere for years. Many of us have asked VG to implement something similar to Fidelity but VG has yet to do so. Are there workarounds like using a home phone to get a "2FA" number read off to you? Sure. And not to get into the weeds of why, but many including me strongly prefer a solution like Fidelity has with their VIP Access app.
The point I was attempting to make is that FIDO and presumably Schwab offer something that many people believe is much more secure than VG. I'm not here to debate that, but simply to point out yet another important (to many) difference between Schwab, FIDO and VG.