Vanguard has announced that they now support two-factor authentication via SMS text messages when logging into your financial accounts. There should be a little blurb when you log in, or after logging in you can navigate to “My Accounts > Account maintenance > Security code” to activate it.
I definitely appreciate the availability of two-factor authentication, although my actual usage depends on how often I have to use it and the importance of the account. Since my Vanguard accounts contain a significant chunk of my assets and I usually log in less than once a week, I enabled it immediately. Here are the highlights:
- If activated, you’ll receive a unique 6-digit code via text message that can only be used once to gain access to your account. The code will expire after 10 minutes.
- Security codes sent via e-mail, phone call or other methods are not supported. No future plans are mentioned.
- You can choose to receive a security code every time you log in, or only when Vanguard doesn’t recognize the device that you’re using. This can be a good compromise if you log in frequently from the same computer.
- You’ll still need your current user name and password. You may also need to answer your previous security questions like “high school mascot?” when calling Vanguard.
- Security codes work with Vanguard.com and their official mobile apps. They do not work with Vanguard.mobi.
- Two-factor authentication may conflict with financial aggregation tools such as Mint.com, Personal Capital, or Yodlee.
Also: TwoFactorAuth.org is a nifty website that tracks which financial websites (and other services) offer two-factor authentication.
So if you use Mint, there is not a way to have it work with this as far as I can tell. Let me know if anyone has a solution to this. I keep getting a text each time Mint tries to log in to check my balance on my Vanguard account.
Vanguard should add a “personal finance access code” for each user to use with aggregators. This code would allow sign in information to stay private and keep the user’s account safe and secure.
http://helpcenter.capitalone360.com/Topic.aspx?category=FINANCE1
If you have a spouse, you can open an account using their SS. From there you can grant them access to view your accounts, but not make trades. You can find this option under My Accounts/Account Maintenance/Account Permissions. You then use your spouses log in credentials with Mint or Personal Capital.
I currently have 2 factor authentication on the trading account (Mine) and single factor authentication on the read only account (my wife’s).
Thanks for the tip!