Fidelity Adds Multi-Factor Authentication with Authenticator Apps

My Money Blog has partnered with CardRatings and may receive a commission from card issuers. Some or all of the card offers that appear on this site are from advertisers and may impact how and where card products appear on the site. MyMoneyBlog.com does not include all card companies or all available card offers. All opinions expressed are the author’s alone.

Fidelity just added the ability to use any Authenticator app with standard TOTP multi-factor support. TOTP stands for Time-based One-Time Password. This includes Google Authenticator, Microsoft Authenticator, Duo, and 1Password. Previously, you were limited to the non-standard Symantic VIP app. This was announced on the Fidelity subreddit from an official moderator.

I’m not a security expert, but view this is a positive development since Authenticator apps are considered a better form of multi-factor authentication (MFA) than SMS text messages, as your text messages can be intercepted within the mobile networks via “SIM swap” or other method. (This why you should also add a password to your cellular provider to authorize any porting, and a SIM PIN (iPhone) or SIM Lock (Android) on your actual phone.) Authenticator apps are more securely linked a specific device as the number resets every 30 seconds and doesn’t travel over the internet or any other network (unless your phone is hacked with malware). Directions:

Here’s how to enroll an authenticator app through the Fidelity mobile app:

Open the Fidelity mobile app and select the Profile icon.
Select General settings and then Authenticator app.
Toggle Authenticator app on.
Copy the secret key.
Follow your authenticator app’s instructions to connect it to your Fidelity account using the secret key.
Go back to the Fidelity mobile app and select Next. Paste in the 6-digit code from the authenticator app to complete the enrollment.
Once you’re enrolled, you’ll get an authenticator-app challenge at any Fidelity login unless you already indicated that your device is a trusted one.

You must first enable the Authenticator option via your Fidelity app on smartphone. (Enrollment on desktop is coming.) After that, you can use Authenticator apps on your desktop browser logins as well. If you had Symantec VIP enabled previously, enabling the Authenticator option will automatically deactivate the Symantec VIP and use your designated Authenticator app instead.

The gold standard of MFA remains a physical device like a YubiKey, but that is more expensive and less convenient. As of this writing (August 2024), Fidelity does not officially support any third-party hardware authentication devices like Yubikey.

A brief MFA definition from PC World:

What Is Multi-Factor Authentication?
As the name implies, MFA means you use more than one type of authentication to unlock an online account or app. Usually, the first factor is your password. MFA means you add another factor in addition to that password. Experts classify authentication factors into three groups:

Something you know (a password, for example).
Something you have (a physical object).
Something you are (a fingerprint or other biometric trait).
When you use an authenticator app, you bolster the password you know with your token, smartphone, or smartwatch.

As a side note, Vanguard does not support standard Authenticator apps, but it does support FIDO2-certified physical security keys like Yubikey. Most newer Android phones can also be set up as a FIDO2 key. Vanguard has also starting using their smartphone app as another factor.

My Money Blog has partnered with CardRatings and may receive a commission from card issuers. Some or all of the card offers that appear on this site are from advertisers and may impact how and where card products appear on the site. MyMoneyBlog.com does not include all card companies or all available card offers. All opinions expressed are the author’s alone, and has not been provided nor approved by any of the companies mentioned.

MyMoneyBlog.com is also a member of the Amazon Associate Program, and if you click through to Amazon and make a purchase, I may earn a small commission. Thank you for your support.


User Generated Content Disclosure: Comments and/or responses are not provided or commissioned by any advertiser. Comments and/or responses have not been reviewed, approved or otherwise endorsed by any advertiser. It is not any advertiser's responsibility to ensure all posts and/or questions are answered.

Comments

  1. thank you for this post. —— mymoneyblog , 8.19.2024 , monday.

    ###

Speak Your Mind

*