Tweet
This started as an aside from Randleman1's thread regarding "Organizing your portfolio", so instead of hijacking his thread, I thought I'd start a new one.
I've tried Quicken (PC software), mint.com, personalcapital.com, TIAA 360, and possibly some other account aggregators to keep track of my personal finances. The problem is, I have two-factor authentication (2FA) enabled on every financial site that supports it, and 2FA does not play well with aggregators. For example, I'll enter my credentials for bank123.com in Mint, and as Mint tries to connect, I get a text on my phone with a confirmation code. Multiple this by many accounts, as often as Mint tries to update each account, and it's a mess.
SOME financial institutions seem to play well with SOME aggregators. For example, interactivebrokers.com issues a token for Mint (but no one else, including Quicken) to use. Another example, Personalcapital.com seems to somehow bypass Vanguard's 2FA.
Then there is ONE financial institution that I know of that gets it right, in my opinion. That would be capitalone360.com. They issue a token which any aggregator can use in place of your password, and it allows READ-ONLY access to your account. This is FAR superior to any other system in use, in my opinion. Why? Because when you enter your login and password to bank123.com on Mint, or any other aggregator, you're really giving them the keys to the kingdom. Oh sure, they all have security measures in place, but read the fine print on their terms of service...if your account shows up empty one day, they're not responsible. And neither is bank123.com, since YOU voluntarily gave out your credentials. It's a pretty scary thought, actually.
It's actually rather amusing that all the aggregators SAY that account access is read-only, but the fact is, by giving them your login and password, they could do anything with your money. One rogue employee with enough access, and next thing you know your money just went to Grand Cayman.
So has anyone figured a way out to do this, as safely as possible and minimizing hassles at the same time?
I've tried Quicken (PC software), mint.com, personalcapital.com, TIAA 360, and possibly some other account aggregators to keep track of my personal finances. The problem is, I have two-factor authentication (2FA) enabled on every financial site that supports it, and 2FA does not play well with aggregators. For example, I'll enter my credentials for bank123.com in Mint, and as Mint tries to connect, I get a text on my phone with a confirmation code. Multiple this by many accounts, as often as Mint tries to update each account, and it's a mess.
SOME financial institutions seem to play well with SOME aggregators. For example, interactivebrokers.com issues a token for Mint (but no one else, including Quicken) to use. Another example, Personalcapital.com seems to somehow bypass Vanguard's 2FA.
Then there is ONE financial institution that I know of that gets it right, in my opinion. That would be capitalone360.com. They issue a token which any aggregator can use in place of your password, and it allows READ-ONLY access to your account. This is FAR superior to any other system in use, in my opinion. Why? Because when you enter your login and password to bank123.com on Mint, or any other aggregator, you're really giving them the keys to the kingdom. Oh sure, they all have security measures in place, but read the fine print on their terms of service...if your account shows up empty one day, they're not responsible. And neither is bank123.com, since YOU voluntarily gave out your credentials. It's a pretty scary thought, actually.
It's actually rather amusing that all the aggregators SAY that account access is read-only, but the fact is, by giving them your login and password, they could do anything with your money. One rogue employee with enough access, and next thing you know your money just went to Grand Cayman.
So has anyone figured a way out to do this, as safely as possible and minimizing hassles at the same time?
Comment