This is Why Our Job is Hard


A colleague sent me this.

From Business Week's July 9 Issue in the Annual Retirement Guide:

HOW CLOSELY WILL THE ADVISER monitor your plan? Through the Internet, 401(k) investors can keep an eye on their account daily if they so choose. Your adviser should be watching regularly, too, and sending you alerts if you need to rebalance or make other changes. The adviser can best stay informed if you hand over the password to your account or, at the very least, forward your monthly statements. In most cases, advisers do not actually make the trades, but rather notify you, then follow up to be sure you've pulled the trigger.

Nice. I've got a better recommendation. If your financial adviser needs your passwords to advise, advise them to take a hike. Because somehow I doubt that anybody has advised them to use something safer than a sticky note to store your credentials. In fact, they probably keep that stuff on a spreadsheet. And if they're a really good adviser, they put it on their mobile phone, too.

It doesn't matter how much you trust your financial adviser not to steal your money. It matters how much you trust everybody who your financial adviser comes into contact with.

No wonder it feels like an uphill battle.


  1. Wow, that is depressing.

  2. I agree that this is definitely a problem, but it's not an unsolvable problem.

    For sites where multiple people could be using the same account, and this is a legitimate use, then it would make sense to build a system where accounts could be linked with different privileges, so that an account you gave your adviser would only be able to view the information rather than make trades on your behalf.

    Now, you might say that advisers shouldn't have access to your account, but unless we make security work for people, they're not going to do what we tell them to.

    Oh, and the insecure password storage thing, well, honestly I think that Microsoft needs to take a leaf out of Apple's book and include a password manager by default, and therefore provide them with an easy to use alternative to storing them in spreadsheets.

    The same thing can be said about them putting them on their mobile - we need to have some technology for them to be able to do that.

    So as much as we all like to blame users for our problems - unless we give them a secure alternative to do what they want to do, they're going to do things insecurely, and that isn't really their fault - they have things which need to be done, they shouldn't need to be particularly careful about security - that's our job.

    So yeah; unless it's a completely stupid idea, we need to do all we can to create security solutions which enable users to achieve what they want, not just lock everything down.

  3. @kuza55 - I don't disagree that we should make systems and procedures more secure. The point of the post was that giving credentials to others, regardless of how those credentials are protected, is being promoted as good practice.

    With regards to setting up the system such that users are allowed to give (and revoke) limited control of their accounts to a different set of credentials, I absolutely agree. Many systems actually do have such a feature (including home security systems where you can have a guest code without giving up the true code) - but that's not what the article said to do.

    And with regards to Keychain, Apple did the right thing by making it such a vital part of the operating system, and integrating it very well into their own software. However, even they didn't do it to the degree they could. For 90% of users, Keychain is invisible - you just know you have to put in your login password every so often. And when you install a new version of some software, you get a confusing (for 90% of users) message about having to upgrade your keychain. Very few users are aware that you can make multiple keychains - perhaps one for clients you advise - and put a passphrase on it instead of just a password. And you can use it to store things that aren't login prompts - including notes. But these are things you have to look for. Maybe I'll just have a local class here to teach people how to use Keychain.

    And on Windows, I've been using keepass for quite some time. But in both of these circumstances, we just don't teach people how to use them. And even if Windows did provide something by default, the article said for you, the consumer, to give your credentials to your financial advisor, not to query them as to how they intend to handle them.

    Good comments - and I completely agree. And making such systems and having environments that require their use (you *cannot* put passwords in a spreadsheet or you'll be fired) is a good thing. It's just that even if that's the case in some environments, an article was written that expects users to blindly give their credentials away.

    I would hope people have a great deal of trust in their financial adviser. But I'm not sure I'd give them that kind of access without at the very least finding out how they intend to keep it.
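The delegation scheme that comments 2 and 3 describe (the owner hands the adviser a separate, view-only credential that the owner can revoke, rather than the owner's own password) as an added, self-contained example. This is illustrative code written for this page, not anything from the post, its commenters, or any brokerage system; the Account class, the principal names "alice" and "adviser-bob", the permission names and the starting balance are all assumptions chosen to model the idea.

```python
import hashlib
import hmac
import os
import secrets
from dataclasses import dataclass
from enum import Flag, auto


class Permission(Flag):
    VIEW_BALANCE = auto()
    VIEW_STATEMENTS = auto()
    TRADE = auto()
    MANAGE_DELEGATES = auto()


# The owner holds everything; an adviser gets a separate read-only credential.
OWNER_PERMS = (Permission.VIEW_BALANCE | Permission.VIEW_STATEMENTS
               | Permission.TRADE | Permission.MANAGE_DELEGATES)
ADVISER_VIEW_ONLY = Permission.VIEW_BALANCE | Permission.VIEW_STATEMENTS


class PermissionDenied(Exception):
    pass


@dataclass
class Credential:
    principal: str
    salt: bytes
    digest: bytes        # only a salted PBKDF2 hash is stored, never the password
    perms: Permission
    active: bool = True  # flipped to False on revocation


def _derive(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


class Account:
    """Hypothetical account with per-principal credentials and scoped rights."""

    def __init__(self, owner: str, owner_password: str, balance: float = 10_000.0):
        self.balance = balance
        self.audit: list[str] = []  # every allow/deny decision is recorded
        self._creds: dict[str, Credential] = {
            owner: self._new_credential(owner, owner_password, OWNER_PERMS)}

    @staticmethod
    def _new_credential(principal: str, password: str, perms: Permission) -> Credential:
        salt = os.urandom(16)
        return Credential(principal, salt, _derive(password, salt), perms)

    def authenticate(self, principal: str, password: str) -> Credential:
        cred = self._creds.get(principal)
        if cred is None or not cred.active:
            raise PermissionDenied(f"no active credential for {principal!r}")
        if not hmac.compare_digest(_derive(password, cred.salt), cred.digest):
            raise PermissionDenied(f"bad password for {principal!r}")
        return cred

    def _require(self, cred: Credential, perm: Permission) -> None:
        # Checked on every call, so a session obtained before revoke() dies with it.
        if not cred.active or perm not in cred.perms:
            self.audit.append(f"DENIED {cred.principal}: {perm.name}")
            raise PermissionDenied(f"{cred.principal} lacks {perm.name}")
        self.audit.append(f"OK {cred.principal}: {perm.name}")

    def add_delegate(self, owner: Credential, principal: str, perms: Permission) -> str:
        self._require(owner, Permission.MANAGE_DELEGATES)
        if perms & ~owner.perms:
            raise PermissionDenied("cannot grant more than the grantor holds")
        if Permission.MANAGE_DELEGATES in perms:
            raise PermissionDenied("delegates may not create further delegates")
        if principal in self._creds:
            raise PermissionDenied(f"{principal!r} already exists")
        password = secrets.token_urlsafe(16)  # shown once to the delegate
        self._creds[principal] = self._new_credential(principal, password, perms)
        return password

    def revoke(self, owner: Credential, principal: str) -> None:
        self._require(owner, Permission.MANAGE_DELEGATES)
        cred = self._creds.get(principal)
        if cred is None or principal == owner.principal:
            raise PermissionDenied(f"cannot revoke {principal!r}")
        cred.active = False

    def view_balance(self, cred: Credential) -> float:
        self._require(cred, Permission.VIEW_BALANCE)
        return self.balance

    def trade(self, cred: Credential, amount: float) -> float:
        self._require(cred, Permission.TRADE)
        self.balance -= amount
        return self.balance


def demo() -> dict:
    """Constructed walk-through: adviser can read but not trade; revocation cuts it off."""
    acct = Account("alice", "correct horse battery staple")
    owner = acct.authenticate("alice", "correct horse battery staple")
    adviser_pw = acct.add_delegate(owner, "adviser-bob", ADVISER_VIEW_ONLY)
    adviser = acct.authenticate("adviser-bob", adviser_pw)
    result = {"adviser_sees": acct.view_balance(adviser)}
    try:
        acct.trade(adviser, 500)
        result["adviser_trade"] = "allowed"
    except PermissionDenied:
        result["adviser_trade"] = "denied"
    result["owner_trade"] = acct.trade(owner, 500)
    acct.revoke(owner, "adviser-bob")
    try:
        acct.view_balance(adviser)
        result["after_revoke"] = "allowed"
    except PermissionDenied:
        result["after_revoke"] = "denied"
    return result


if __name__ == "__main__":
    print(demo())
```

The two rules worth noticing are that a delegate can never receive more rights than the grantor holds and can never mint further delegates, and that revocation flips the stored credential rather than the caller's copy, so an adviser session that was already open fails on its next call. The owner's password is never shared and never has to be rotated to cut the adviser off.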

  4. Sylvan:

    Alright, I see your point, but the fact that such features exist and they're not being used means that people simply don't know about them. Because I really doubt that people would be advising insecure methods when they knew of a better one.

    And frankly, I can see your point there, when we haven't really been able to solve any problems with user education.

    So we're stuck with the fact that no matter what we do we've got huge problems getting users to do anything on a wide scale.

    Which is worrying.

  5. I've wondered for a while, though - will things get bad enough - enough stolen identities, enough lost money, enough personal site defacement, enough stolen information, that education, and even legislation, actually will begin to work? Sadly, it doesn't seem we're anywhere near that point just yet.