How much is too much in a brokerage?

Yes, you can put your Emergency fund into an investment account, where it may take several days to get your hands on some cash in emergency conditions. I will stick with the local credit union branch that I can walk to, if there is no other way to get there. By then the dollars may be worthless, but you have to work with what you have.

You seem so wise in this area. I am having with cell phone security. Anything else you can mention about more about how to keep cell phones safe from a hack?

  • Have Malwarebytes installed + VPN.
  • fingerprint to open app.
  • Google Authentical app.
    Not sure of anything else? Thanks

I don’t use cell phone text messages for brokerage security. I have my assets at Fidelity and Schwab, both of them use the Symantec VIP authenticator app. That way nothing is going out over the Internet or cell network.

Explain your last sentence. The Authenticator app is just for 2FA and is certainly going across the cell or internet network.

Symantec VIP uses the Internet for “push” notifications. That is not how Schwab and Fidelity use it. Maybe you’ve used it in a push configuration before.

The way F & S use VIP is that every 30 sec a new six-digit code is presented to you, internally generated in your phone using an algorithm acting on the “credential ID”.

Nothing goes out from the device… I am staring at mine now with all wireless data off (airplane mode), no network, and it’s cheerfully giving me a new code every 30 sec.

You can buy VIP hardware tokens… Schwab may still give them out (or not… it’s been a while). Those are keyring sized devices. They’ve been around for decades.

No it isn’t. Once it’s set up, it can generate the required codes without an internet connection. In any event, Fidelity and Schwab aren’t sending the authenticator a code.

My problem with authenticator apps is that most places have an easy way to get in without it. Look for a link for another option to authenticate. If it lets you receive a text message or email instead, that’s a pretty big security hole. The only places I’ve seen that make it a PITA to get in without the authenticator app you set up are crypto exchanges, though I’m sure there are others. It took me a week to get into one exchange when my employer decided to remove the authenticator app from my phone with no warning.

OK…so its like the old RSA hard tokens from 15 years ago. Interesting…

Does either Schwab or Fidelity support Passkeys yet ?

No passkeys. No hardware keys (Yubico keys). Bank of America/ Merrill supports Yubico keys. The financial industry is way behind. I don’t get it.

I change my F and S passwords every 3 months. Thank goodness for password managers.

True, but I’m happy Van Guard accepts Yubi keys.

1 Like