Many web services (especially those for which security breaks could have serious consequences) are implementing two factor authentication as an option for their log on process. In these procedures, you begin the process of logging on to a web service. In response, the service typically sends a text message containing a one-time use numeric code to your cell phone. You enter that numeric code when requested on the website as an essential step in the process of logging on. You still must enter the account password. The added security is considerable - you must have knowledge of your user name and password AND you must have access to your cell phone to log onto the service.
Two-step authentication is not without its potential problems; one may relate to a basic function of Fund Manager.
I recently became aware that Vanguard is now implementing two-factor authentication as an option for account owners. The following was included in Vanguard's description of the service:
"You may experience issues using financial aggregation tools, such as Mint.com, CashEdge, Quicken, or Yodlee, if you sign up to receive security codes. You may not be able to view your accounts through these tools. Also, you may receive a security code when the aggregation tool attempts to log on to your accounts."
Computer security experts recommend two-factor authentication frequently, and I suspect that many financial entities are going to be offering it in the near future. Has anyone experimented with it and Fund Manager at Vanguard or other sites? Mark, what are your thoughts? Being forced to choose between the best available security and the convenience of transaction downloads would be unfortunate.
Ed