MFOHome About Commentary Discussions Funds The Best Resources Support Us!

Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Sign In Register

Categories

In this Discussion

Here's a statement of the obvious: The opinions expressed here are those of the participants, not those of the Mutual Fund Observer. We cannot vouch for the accuracy or appropriateness of any of it, though we do encourage civility and good humor.

    Support MFO

  • Donate through PayPal

Oakmark Now Offers 2-Factor Authentication

hank
edited May 2018 in Fund Discussions
“The Oakmark Funds are committed to keeping your personal information secure. For this reason, we are excited to offer a new security notification feature that will provide you with a one-time security code to use during login with your user name and password. This improved authentication process will add an enhanced layer of security to your account beyond answering security questions and will enable us to verify your identity when accessing your accounts from a computer or device we do not recognize.”

https://www.oakmark.com/News/Two-factor_Authentication.htm

Comments

  • VintageFreakVintageFreak
    Vanguard also started offering few months back.

    I only use one computer in the house to manage all my investments. And it never leaves the house. So I haven't really bothered with it.

    I don't do ApplePay, iPay, MyPay, BS and don't buy any stocks / options etc I want to get out quickly when I'm on the road. Just trying to keep my digital footprint to a minimum.
  • jlev
    @VintageFreak your computer doesn't need to travel to be compromised. Not using two factor identification strikes me as a willfully bad idea.
  • davidrmorandavidrmoran
    Totally dumbfounding that 2-factor authentication (one factor you know in your mind, the other you possess but is pseudorandomly changing in synch w the server) took so long to catch on and is still not widespread.

    I went to work at its inventor 26y ago, for heaven's sake, and they were no longer a startup then. Think of all the headaches that could've been prevented.
  • msf
    edited May 2018
    Kenneth Weiss coined the term, but two factor authentication goes back at least as far as the mid 60s, when James Goodfellow patented the combined use of "what you know" (a PIN) and "what you have" (a physical object) to conduct secure financial transactions. Aka ATM machines.

    https://www.theguardian.com/money/2016/apr/29/who-invented-cash-machine-james-goodfellow-first-atm-pin
    This token took the form of a plastic card with holes punched in it. The patent documents proposed a system incorporating a card reader and buttons mounted in an external wall of the bank, and stated: “When the customer wishes to withdraw a pack of banknotes from the system he simply inserts his punched card in the card reader of the system, and operates the set of 10 push-buttons in accordance with his personal identification number.” Aside from the cards with punched holes, that pretty much describes today’s ATM.
    Arguably, even earlier examples (that use an alternative factor: "what you are") include charge cards (the card itself, and your signature as a prehistoric biometric) and passbook bank accounts (the passbook, and your signature or perhaps facial recognition by the banker).

    Multifactor authentication has been grasped intuitively by people for many decades. It is interesting to think about how how readily it was discarded for the sake of electronic convenience (or for getting gasoline at the pump).

    Here's an interesting site that will tell you what websites support what types of two factor authentication:
    https://twofactorauth.org/
  • VintageFreakVintageFreak
    jlev said:

    @VintageFreak your computer doesn't need to travel to be compromised. Not using two factor identification strikes me as a willfully bad idea.

    Once I inform Vanguard computer is trusted, it is not going to ask again for me to check my text message right? Besides, I've heard people's phone's getting hacked more frequently these days.

  • davidrmorandavidrmoran
    Was not rehashing the full and tortuous history, of course. Adopted secure 2-factor had to be stronger than a static PIN or password plus the token, and so the first factor became dynamic and unknowable, the result of pseudorandom-number (PRN) generation, with Rivest's (RSA) algorithm the leader (still, I believe) and his first paper (in ACM) was from the late 1970s, I think. Security Dynamics (later RSA) is where I worked for many years. Weiss promulgated that work, and more, and turned it into a going company, yes. Was not aware he coined the phrase, or maybe I have forgot.
Sign In or Register to comment.