Vanguard Adds Two-Factor Authentication

Vanguard has announced that they now support two-factor authentication via SMS text messages when logging into your financial accounts. There should be a little blurb when you log in, or after logging in you can navigate to “My Accounts > Account maintenance > Security code” to activate it.

I definitely appreciate the availability of two-factor authentication, although my actual usage depends on how often I have to use it and the importance of the account. Since my Vanguard accounts contain a significant chunk of my assets and I usually log in less than once a week, I enabled it immediately. Here are the highlights:

• If activated, you’ll receive a unique 6-digit code via text message that can only be used once to gain access to your account. The code will expire after 10 minutes.
• Security codes sent via e-mail, phone call or other methods are not supported. No future plans are mentioned.
• You can choose to receive a security code every time you log in, or only when Vanguard doesn’t recognize the device that you’re using. This can be a good compromise if you log in frequently from the same computer.
• You’ll still need your current user name and password. You may also need to answer your previous security questions like “high school mascot?” when calling Vanguard.
• Security codes work with Vanguard.com and their official mobile apps. They do not work with Vanguard.mobi.
• Two-factor authentication may conflict with financial aggregation tools such as Mint.com, Personal Capital, or Yodlee.

Also: TwoFactorAuth.org is a nifty website that tracks which financial websites (and other services) offer two-factor authentication.