I'd be okay with requiring a second factor with that being my fingerprint or some sort of face scan, as long as that could reliably identify me. Obviously I wouldn't want it to be some physical device I had to have with me.Silence Dogood wrote: ↑Wed Feb 23, 2022 10:11 am I don't think it should even be an option - two factors should always be required.
Also, why is there such a bias against the second factor (something you have)? If I had to choose, I would forgo the first factor (something you know - your password) instead. It would be much more difficult for someone to steal my Yubikey than it would be for someone to steal my password.
[Vanguard] Anybody know how to make "Yes, I plan to log in from this device in the future" actually work?
Re: Anybody know how to make "Yes, I plan to log in from this device in the future" actually work?
- bertilak
- Posts: 10725
- Joined: Tue Aug 02, 2011 5:23 pm
- Location: East of the Pecos, West of the Mississippi
Re: Anybody know how to make "Yes, I plan to log in from this device in the future" actually work?
I would try two things:tibbitts wrote: ↑Wed Feb 23, 2022 10:40 amThe problem is: same network/IP, same computer, not even close the browser... yet still get prompted after setting the preference to not to be in your profile and during the initial login process.nordsteve wrote: ↑Tue Feb 22, 2022 8:50 pm It has nothing to do with "bad IT." Vanguard needs to defend against cookie stealing attacks.
I just spent several weeks in a well known hotel. Fidelity repeatedly prompted me for the 2FA code on the hotel wifi. Same machine and browser, on my home network, no repeated prompts.
1. Another browser.
2. Resetting all settings to default.
May neither drought nor rain nor blizzard disturb the joy juice in your gizzard. -- Squire Omar Barker (aka S.O.B.), the Cowboy Poet
Re: Anybody know how to make "Yes, I plan to log in from this device in the future" actually work?
When the problem first occurred I experienced it on both Chrome and Firefox before complaining to Vanguard. Vanguard seemed vaguely familiar with the problem but not that interested. I should probably try Edge; I'll do that and try to remember to post the results, although that obviously isn't a solution available to everyone (outside of the Windows community, that I know of.)bertilak wrote: ↑Wed Feb 23, 2022 11:04 amI would try two things:tibbitts wrote: ↑Wed Feb 23, 2022 10:40 amThe problem is: same network/IP, same computer, not even close the browser... yet still get prompted after setting the preference to not to be in your profile and during the initial login process.nordsteve wrote: ↑Tue Feb 22, 2022 8:50 pm It has nothing to do with "bad IT." Vanguard needs to defend against cookie stealing attacks.
I just spent several weeks in a well known hotel. Fidelity repeatedly prompted me for the 2FA code on the hotel wifi. Same machine and browser, on my home network, no repeated prompts.
1. Another browser.
2. Resetting all settings to default.
-
- Posts: 153
- Joined: Tue Jan 04, 2022 3:29 pm
Re: Anybody know how to make "Yes, I plan to log in from this device in the future" actually work?
Wasn't there a public outrage because the IRS requires face recognition?tibbitts wrote: ↑Wed Feb 23, 2022 10:43 amI'd be okay with requiring a second factor with that being my fingerprint or some sort of face scan, as long as that could reliably identify me. Obviously I wouldn't want it to be some physical device I had to have with me.Silence Dogood wrote: ↑Wed Feb 23, 2022 10:11 am I don't think it should even be an option - two factors should always be required.
Also, why is there such a bias against the second factor (something you have)? If I had to choose, I would forgo the first factor (something you know - your password) instead. It would be much more difficult for someone to steal my Yubikey than it would be for someone to steal my password.
Time is the ultimate currency.
-
- Posts: 1660
- Joined: Tue Feb 01, 2011 8:22 pm
Re: Anybody know how to make "Yes, I plan to log in from this device in the future" actually work?
So you prefer biometrics (something you are) over a security key (something you have)?tibbitts wrote: ↑Wed Feb 23, 2022 10:43 amI'd be okay with requiring a second factor with that being my fingerprint or some sort of face scan, as long as that could reliably identify me. Obviously I wouldn't want it to be some physical device I had to have with me.Silence Dogood wrote: ↑Wed Feb 23, 2022 10:11 am I don't think it should even be an option - two factors should always be required.
Also, why is there such a bias against the second factor (something you have)? If I had to choose, I would forgo the first factor (something you know - your password) instead. It would be much more difficult for someone to steal my Yubikey than it would be for someone to steal my password.
I wouldn't consider a personal preference to be obvious. Personally, I prefer security keys over biometrics.
-
- Posts: 2776
- Joined: Sat Feb 21, 2015 1:29 pm
Re: Anybody know how to make "Yes, I plan to log in from this device in the future" actually work?
Likely, the login process checks the setting of whether to always use 2FA before checking whether the I plan to log in from this device in the future option had been used during the previous login process. Changing the option at the Vanguard web site about whether 2FA is always to be used has no effect on the current session. The setting will be used during the session established by the next login.
Exactly what happens depends on details of the login process; details that Vanguard likely does not want to reveal.
Re: Anybody know how to make "Yes, I plan to log in from this device in the future" actually work?
I found the facial scan on ID.me (for the IRS) to be difficult to set up, but as far I know that's only a one-time requirement. It would have to work a lot more transparently for Vanguard, more like a fingerprint scan does. However the point of the displeasure with the IRS was that until a few weeks ago, it was being presented as the only way to use the service going forward. I would want Vanguard to give multiple 2FA alternatives, and wouldn't suggest they require facial recognition as the only 2FA option.H-Town wrote: ↑Wed Feb 23, 2022 11:56 amWasn't there a public outrage because the IRS requires face recognition?tibbitts wrote: ↑Wed Feb 23, 2022 10:43 amI'd be okay with requiring a second factor with that being my fingerprint or some sort of face scan, as long as that could reliably identify me. Obviously I wouldn't want it to be some physical device I had to have with me.Silence Dogood wrote: ↑Wed Feb 23, 2022 10:11 am I don't think it should even be an option - two factors should always be required.
Also, why is there such a bias against the second factor (something you have)? If I had to choose, I would forgo the first factor (something you know - your password) instead. It would be much more difficult for someone to steal my Yubikey than it would be for someone to steal my password.
Re: Anybody know how to make "Yes, I plan to log in from this device in the future" actually work?
But everybody is both checking the "remember" box on the login form AND setting their profile to only use 2FA for unrecognized computers.FactualFran wrote: ↑Wed Feb 23, 2022 12:01 pmLikely, the login process checks the setting of whether to always use 2FA before checking whether the I plan to log in from this device in the future option had been used during the previous login process. Changing the option at the Vanguard web site about whether 2FA is always to be used has no effect on the current session. The setting will be used during the session established by the next login.
Exactly what happens depends on details of the login process; details that Vanguard likely does not want to reveal.
Re: Anybody know how to make "Yes, I plan to log in from this device in the future" actually work?
I don't want to be dependent on a second device I need to have with me whenever I want to log on, or that I can easily lose. It might be okay to have the 2FA be something like authenticator software, as long as it could be integrated onto the PC/mac and not something you'd need a separate device (key, phone, etc.) for. But that would make you somewhat more vulnerable to having a single device compromised; the biometric situation seemingly less so.Silence Dogood wrote: ↑Wed Feb 23, 2022 11:57 amSo you prefer biometrics (something you are) over a security key (something you have)?tibbitts wrote: ↑Wed Feb 23, 2022 10:43 amI'd be okay with requiring a second factor with that being my fingerprint or some sort of face scan, as long as that could reliably identify me. Obviously I wouldn't want it to be some physical device I had to have with me.Silence Dogood wrote: ↑Wed Feb 23, 2022 10:11 am I don't think it should even be an option - two factors should always be required.
Also, why is there such a bias against the second factor (something you have)? If I had to choose, I would forgo the first factor (something you know - your password) instead. It would be much more difficult for someone to steal my Yubikey than it would be for someone to steal my password.
I wouldn't consider a personal preference to be obvious. Personally, I prefer security keys over biometrics.
-
- Posts: 2776
- Joined: Sat Feb 21, 2015 1:29 pm
Re: Anybody know how to make "Yes, I plan to log in from this device in the future" actually work?
Not everybody is both checking the "remember" box on the login form AND setting their profile to only use 2FA for unrecognized computers. I don't check either.
The behavior likely depends on the details of the Vanguard login process. It may be necessary to change the 2FA profile setting, logout, and login (to start a new session with the changed 2FA profile setting) for the "remember" box on the login form to have an effect.
Re: Anybody know how to make "Yes, I plan to log in from this device in the future" actually work?
It is a dysfunction of the site. Nothing works. If it works, it reverts back to not working. It is a stupid system. Whatever settings you set should stay as is. The rep. blamed Firefox. I think it has to do with cookies but my other secure sites work fine, like my bank and credit cards. I just got a request to review my experience with Vanguard and I kvetched plenty.financeperchance wrote: ↑Mon Feb 21, 2022 9:34 pmThis Vanguard 2F authentication is getting frustrating. Macbook Safari I logged in this morning, clicked the box... and just now this evening I have to do the 2F authentication again. I don't always carry my phone with me everywhere around the house, so this is a pain."This code expires in 10 minutes.
Enter the security code to enable the next button."
Is there some browser or operating system that actually remembers your choice? Thank you.
Re: Anybody know how to make "Yes, I plan to log in from this device in the future" actually work?
Well, I meant that everybody complaining is setting those options. I understand that not everyone wants that behavior.FactualFran wrote: ↑Wed Feb 23, 2022 2:39 pmNot everybody is both checking the "remember" box on the login form AND setting their profile to only use 2FA for unrecognized computers. I don't check either.
The behavior likely depends on the details of the Vanguard login process. It may be necessary to change the 2FA profile setting, logout, and login (to start a new session with the changed 2FA profile setting) for the "remember" box on the login form to have an effect.
The result of my Edge test today is that the same problem occurs with that browser. Again, "remember" specified on the login screen, no closing the browser, account options set to only require 2FA on unrecognized devices.
Re: Anybody know how to make "Yes, I plan to log in from this device in the future" actually work?
Sometimes (like today and yesterday) Vanguard even automatically logs me out due to 15 minutes inactivity, then when I click the button to log back in (still in the same browser session to be clear), I get hit with ANOTHER 2FA demand. That is buggy. Why do you insist on defending clearly buggy technology?
Re: Anybody know how to make "Yes, I plan to log in from this device in the future" actually work?
Funny I haven't run into that bug yet... must be something I didn't do?000 wrote: ↑Wed Feb 23, 2022 4:41 pmSometimes (like today and yesterday) Vanguard even automatically logs me out due to 15 minutes inactivity, then when I click the button to log back in (still in the same browser session to be clear), I get hit with ANOTHER 2FA demand. That is buggy. Why do you insist on defending clearly buggy technology?
Just a different perspective, take a step back and the problem won't be as big as you think.
Time is the ultimate currency.
Re: Anybody know how to make "Yes, I plan to log in from this device in the future" actually work?
I wasn't attempting to suggest otherwise. I was warning him it's not a universal solution to the problem, and probably isn't contractually guaranteed by Vanguard.RubyTuesday wrote: ↑Wed Feb 23, 2022 7:24 amBut Vanguard, the site OP is dealing with, does.exodusNH wrote: ↑Tue Feb 22, 2022 7:48 amNot all sites support Google voice numbers.financeperchance wrote: ↑Mon Feb 21, 2022 10:02 pmIncredible. I'm starting to get a sense for what people mean when they say Vg is having issues with its tech department.
I love this idea and will do that. Thank you!
OP search other threads here for convenient but still highly secure 2FA approaches with Vanguard, Yubico Yubikeys and Google Voice. Many threads.
Re: Anybody know how to make "Yes, I plan to log in from this device in the future" actually work?
I agree. I don't think biometrics should be used. First, you have no way to dispute or change your "key" when something goes wrong. They don't handle issues, such as losing a finger / hand, well. I don't trust companies to do the right thing with something I can't change, beyond multilating myself!Silence Dogood wrote: ↑Wed Feb 23, 2022 11:57 amSo you prefer biometrics (something you are) over a security key (something you have)?tibbitts wrote: ↑Wed Feb 23, 2022 10:43 amI'd be okay with requiring a second factor with that being my fingerprint or some sort of face scan, as long as that could reliably identify me. Obviously I wouldn't want it to be some physical device I had to have with me.Silence Dogood wrote: ↑Wed Feb 23, 2022 10:11 am I don't think it should even be an option - two factors should always be required.
Also, why is there such a bias against the second factor (something you have)? If I had to choose, I would forgo the first factor (something you know - your password) instead. It would be much more difficult for someone to steal my Yubikey than it would be for someone to steal my password.
I wouldn't consider a personal preference to be obvious. Personally, I prefer security keys over biometrics.
Re: Anybody know how to make "Yes, I plan to log in from this device in the future" actually work?
I'm inclined to blame Vanguard, but what do I know? Well, this I do know: On my home network, using Firefox on a laptop only I ever use, I have no problems accessing either my bank's 2FA protected website nor Fidelity's. But Vanguard's? It's amazingly random. I'd say something like 25% of my logins require 2FA, but it's so random. I rarely delete cookies and FF isn't set to do it automatically. I think rarely, if ever, have I gotten consecutive 2FA requests, but it is surely an annoyance. I also know that Vanguard's present mix of old/new webpage design is a mess, and lucky you if you don't also have your company's 401(k) administered by Vanguard.
-
- Posts: 2776
- Joined: Sat Feb 21, 2015 1:29 pm
Re: Anybody know how to make "Yes, I plan to log in from this device in the future" actually work?
"Remember this device" worked with Edge for me. I have rarely used Edge and strongly suspect that I have never previously logged in to the Vanguard web site using Edge.
A preliminary test was
- With usual browser (not Edge)
- Enter username and password on Vanguard login web page.
- Enter security code sent to mobile phone to complete login selecting No for "Remember this device?"
- Change profile option at Vanguard to not use 2FA with recognized device (profile option had been always use 2FA).
- With Edge
- Enter username and password on Vanguard login web page.
- Enter security code sent to mobile phone to complete login selecting Yes for "Remember this device?"
- Logout.
- Enter username and password on Vanguard login web page. The login completed without a security code.
- Enter username and password on Vanguard login web page.
- Enter security code sent to mobile phone to complete login selecting Yes for "Remember this device?"
- Do nothing for about 15 minutes; Vanguard account web page was automatically replaced by a "Your session has expired" Vanguard web page.
- Click on "log back in" link on the "Your session has expired" Vanguard web page.
- Enter username and password on Vanguard login web page. The login completed without a security code.
- Exit Edge
- Disconnect from internet and reconnect about 2 hours later.
- Start Edge and enter username and password on Vanguard login web page. The login completed without a security code.
Re: Anybody know how to make "Yes, I plan to log in from this device in the future" actually work?
I've been able to bypass 2FA for up to about 24hrs, seemingly randomly, with Chrome. I only tried Edge today so I can't say if I'll ever be able to do 24hrs or more with that; my first attempt failed after about an hour. But I'm not counting 24hrs as "working."FactualFran wrote: ↑Wed Feb 23, 2022 11:34 pm"Remember this device" worked with Edge for me. I have rarely used Edge and strongly suspect that I have never previously logged in to the Vanguard web site using Edge.
A preliminary test wasA more extensive test started about two hours later. In the meantime, I logged out both browsers from Vanguard and connected to a different internet service provider. With Edge
- With usual browser (not Edge)
- Enter username and password on Vanguard login web page.
- Enter security code sent to mobile phone to complete login selecting No for "Remember this device?"
- Change profile option at Vanguard to not use 2FA with recognized device (profile option had been always use 2FA).
- With Edge
- Enter username and password on Vanguard login web page.
- Enter security code sent to mobile phone to complete login selecting Yes for "Remember this device?"
- Logout.
- Enter username and password on Vanguard login web page. The login completed without a security code.
So, "Yes, I plan to login in from this device in the future" actually works. I have no idea what others are doing that interferes with it working for them.
- Enter username and password on Vanguard login web page.
- Enter security code sent to mobile phone to complete login selecting Yes for "Remember this device?"
- Do nothing for about 15 minutes; Vanguard account web page was automatically replaced by a "Your session has expired" Vanguard web page.
- Click on "log back in" link on the "Your session has expired" Vanguard web page.
- Enter username and password on Vanguard login web page. The login completed without a security code.
- Exit EdgeI'
- Disconnect from internet and reconnect about 2 hours later.
- Start Edge and enter username and password on Vanguard login web page. The login completed without a security code.
Re: Anybody know how to make "Yes, I plan to log in from this device in the future" actually work?
I have adjusted my Vanguard security profile, and still get 2FA for 90% of my home desktop logins. I wonder if Firefox is involved? BTW, I have to delete and re-type at least the last character of my (pre-filled) username and password for the Login button to do anything.
Re: Anybody know how to make "Yes, I plan to log in from this device in the future" actually work?
I have same issue even with option 1 selected. I use chrome.TropikThunder wrote: ↑Mon Feb 21, 2022 11:00 pmSounds more like a user issue than a Vanguard issue IMO. There’s a profile setting where you can either ask it to only do 2FA from unrecognized computers, or to do 2FA from all computers. If it’s set to “all computers” (which is the default security setting for most websites I believe, not just Vanguard), then each and every login will require the 2FA security code even if it’s a computer you told Vanguard to remember. I don’t recall any financial website I’ve logged into that remembers your computer unless you ask it to. But that’s not a bug, it’s a feature one can select.financeperchance wrote: ↑Mon Feb 21, 2022 10:02 pmIncredible. I'm starting to get a sense for what people mean when they say Vg is having issues with its tech department.
Profile and Account Settings -> Security Code settings -> Frequency. Select either
(1) “Only when Vanguard doesn't recognize my computer or device”
During logon, you have the option for us to remember (or recognize) the computer or device that you're using to access your accounts. We won't prompt you to enter your security code on computers or devices that we recognize if you choose this frequency. For your protection, we will send you a security code and ask you to enter it when you log on from a computer or device that we don't recognize.
-or-
(2) Every time I log on.
Important: This means you'll need to be near the phone you've indicated during setup every time you log on to vanguard.com or our mobile apps.
Re: Anybody know how to make "Yes, I plan to log in from this device in the future" actually work?
Do you really need more than 1 login worth of transactionS per month? How does that optimize your sit? Are you really staying the course?financeperchance wrote: ↑Tue Feb 22, 2022 9:18 pmNot everyone is so privileged that they only need to do one transaction a month, but congratulations for being there yourself.
I've got a ways to go before I'll feel privileged, but I'm glad to not be stressing myself out with the daily nail-biting logins anymore. I just told myself to stop, and my line of best fit is exactly the same. Try it before you knock it.
Don't forget: tech is supposed to make life easier. If it's not, you are its slave. Flip the table, or just call me a gaslighter and move on.
Re: Anybody know how to make "Yes, I plan to log in from this device in the future" actually work?
I also use Edge, but I've seen a difference of how "Yes, I plan to log in from this device in the future" behaves. In the past, when I've checked that box (and confirmed I'm me using the 2FA), it seemed to last until the next browser or OS update. Recently, I've been seeing it much more often; this is all from the same browser, OS, not using a VPN or suchlike, not clearing out my cookies, same set of browser extensions.FactualFran wrote: ↑Wed Feb 23, 2022 11:34 pm"Remember this device" worked with Edge for me. I have rarely used Edge and strongly suspect that I have never previously logged in to the Vanguard web site using Edge.
[…]
So, "Yes, I plan to login in from this device in the future" actually works. I have no idea what others are doing that interferes with it working for them.
One thing that has changed for me is that I've been performing much more transactions than normal, which makes me wonder if VG on the backend invalidates the "remembered device" when certain financial activity occurs. This spate of transactions will soon come to an end, so I'll have more anecdata after that.
"The first principle is that you must not fool yourself—and you are the easiest person to fool." — Richard P. Feynman
- oldcomputerguy
- Moderator
- Posts: 17932
- Joined: Sun Nov 22, 2015 5:50 am
- Location: Tennessee
Re: Anybody know how to make "Yes, I plan to log in from this device in the future" actually work?
I just did. Moved all my Vanguard holdings to Schwab. Went extremely smoothly.
There is only one success - to be able to spend your life in your own way. (Christopher Morley)
Re: Anybody know how to make "Yes, I plan to log in from this device in the future" actually work?
Same issue here. I found that it matters if we last checked my account or another VG account (DW's).
Personally, I do not find it at all annoying tough. I would much rather VG or anyone else be too cautious (trigger 2F for any reason at all) than not cautious enough. The fact that this is becoming a long thread suggests others feel strongly different.
Personally, I do not find it at all annoying tough. I would much rather VG or anyone else be too cautious (trigger 2F for any reason at all) than not cautious enough. The fact that this is becoming a long thread suggests others feel strongly different.
"Owning the stock market over the long term is a winner's game. Attempting to beat the market is a loser's game. ..Don't look for the needle in the haystack. Just buy the haystack." Jack Bogle
-
- Posts: 1968
- Joined: Sun May 25, 2014 5:55 pm
Re: Anybody know how to make "Yes, I plan to log in from this device in the future" actually work?
Gee, this is getting to be a long thread. When it first began, I did not post because no one seemed to be identifying cookie management as the key factor. Now many people have focused on cookie management, yet many others are still complaining. I don't have a magic answer, but I will note my experience. I previously used Safari, on my Mac computers, along with an excellent app called Cookie 6 that lets you check the cookies you want to keep, then the app deletes all other cookies each time you close your browser. As long as I did not log-in to Vanguard with my VPN turned on, Cookie 6 enabled me to log-in without a new 2FA cycle until "something happened" to wipe out my Vanguard cookies. The cycles were pretty long and I never felt compelled to figure out whether the "something" was a mistake by me, an update of MacOS or Safari, or something done by Vanguard.
However, I recently switched to Chrome as my main browser because, aside from cookie issues, I sometimes bump into websites that do not work well with Safari. Unfortunately, I have not been able to find an app that works with Chrome the way Cookie 6 works with Safari, i.e., that lets me check which cookies I want to preserve and deletes the rest every time I close Chrome. Now I seem to have fewer random website problems, but I also have much shorter cycles between new 2FA requirements at Vanguard. As they say, "You make your choices and you live with what you get". As they also say, "Life is Good" - but it is not perfect.
However, I recently switched to Chrome as my main browser because, aside from cookie issues, I sometimes bump into websites that do not work well with Safari. Unfortunately, I have not been able to find an app that works with Chrome the way Cookie 6 works with Safari, i.e., that lets me check which cookies I want to preserve and deletes the rest every time I close Chrome. Now I seem to have fewer random website problems, but I also have much shorter cycles between new 2FA requirements at Vanguard. As they say, "You make your choices and you live with what you get". As they also say, "Life is Good" - but it is not perfect.
Re: Anybody know how to make "Yes, I plan to log in from this device in the future" actually work?
Hopefully it is not the same people complaining now, who have complained in the past about Vanguard not being secure enough.
Re: Anybody know how to make "Yes, I plan to log in from this device in the future" actually work?
No brokerage is perfect:oldcomputerguy wrote: ↑Sun Feb 27, 2022 6:43 amI just did. Moved all my Vanguard holdings to Schwab. Went extremely smoothly.
viewtopic.php?p=6540013#p6540013
viewtopic.php?f=1&t=339869
You just have to choose which imperfections bother you the least.
Re: Anybody know how to make "Yes, I plan to log in from this device in the future" actually work?
I agree. It’s a bad system and doesn’t even do what it says it will do properly. I remember I must have hit that 2FA thing 6 times in the same day, from the same computer, having checked their “remember box” dutifully every time.PinotGris wrote: ↑Wed Feb 23, 2022 3:03 pm It is a dysfunction of the site. Nothing works. If it works, it reverts back to not working. It is a stupid system. Whatever settings you set should stay as is. The rep. blamed Firefox. I think it has to do with cookies but my other secure sites work fine, like my bank and credit cards. I just got a request to review my experience with Vanguard and I kvetched plenty.
Maybe if they would allow a time-out setting so it wouldn’t log you out after 15 minutes or whatever so you only had to log in 1-2/day when not actively using the site, this would be less of a hassle.
Re: Anybody know how to make "Yes, I plan to log in from this device in the future" actually work?
+1
Perhaps if Vanguard demonstrated at least a slight level of interest in what a forum like the Bogleheads is saying about it and its website... Just a token, occasional hint of a presence in the forum could go a long way, but mere anecdotes we've seen posted about Vanguard watching us don't impress me at all.
I believe we merit at least a modicum of interaction with Vanguard.
Perhaps if Vanguard demonstrated at least a slight level of interest in what a forum like the Bogleheads is saying about it and its website... Just a token, occasional hint of a presence in the forum could go a long way, but mere anecdotes we've seen posted about Vanguard watching us don't impress me at all.
I believe we merit at least a modicum of interaction with Vanguard.
-
- Posts: 184
- Joined: Tue Dec 14, 2021 3:33 pm
Re: Anybody know how to make "Yes, I plan to log in from this device in the future" actually work?
Shouldn't people be concerned that their life savings are at a company whose IT they don't trust? If they seem inept, isn't there a nagging worry of the company being hacked? otoh is the thinking that if they have their security set so high that it even annoys regular customers, then it must be extra safe in that sense?
btw there's the opposite thread here somewhere of someone complaining that their bank doesn't require 2FA every time and it made them uneasy. I think they actually left that bank over it.
btw there's the opposite thread here somewhere of someone complaining that their bank doesn't require 2FA every time and it made them uneasy. I think they actually left that bank over it.
Re: Anybody know how to make "Yes, I plan to log in from this device in the future" actually work?
I have the same problem. I've always assumed that is because I'm on a Mac with Safari. The Blue Cross web page has exactly the same problem.
I don't know if this is a browser/OS related issue, but it simply doesn't work. I think it is, and that's just bad design.
I don't know if this is a browser/OS related issue, but it simply doesn't work. I think it is, and that's just bad design.
Re: Anybody know how to make "Yes, I plan to log in from this device in the future" actually work?
I've had same experience as you and some others. When Vang first did 2FA, the check box which said 'private device' disabled 2FA for some time, weeks or more. Now at the very least the time setting until it lapses back to 2FA has been drastically shortened. I can sometimes avoid the 2FA if I log back on within minutes, or I seem to recall that still happening sometimes even recently though not 100% sure, but by the next day it's always forgotten. I'll try the profile changing stuff somebody suggested but I'm sure it used to work just by answering 'private device' and now it basically doesn't. It would seem Vanguard should have disclosed this if it's a policy change, or else it's a bug. But I'd also count it as Vanguard's bug if a slightly different operating system or major browser made it not work.itsmeagain wrote: ↑Tue Feb 22, 2022 7:32 pm It's another example of Vanguard's lousy technology. It used to work consistently until maybe 6-12 months ago. That is, I could say I was using a personal device, and it would rememeber without sending a code. I still use the same lap top, but now it doesn't respond consistently. I only log on from a personal device, so at least it's just a small inconvenience.
Since my kids give me unofficial permission to access their accounts (if anyone is going to say 'you're committing a crime by doing that without this or that bureaucrato-legalism, hire a lawyer immediately!' save it ) this has become a significant nuisance. I have to first make sure they're available to text me the code, since we want the code to go to their phones. If it was just my account I wouldn't care much though I'd still be puzzled why there's still a check box for 'private device' which now seems to accomplish almost nothing.
Re: Anybody know how to make "Yes, I plan to log in from this device in the future" actually work?
I see your point but as you further suggest there's no real way to know if annoying perhaps buggy aspects of security features signify security overkill that should make you 'annoyed yet reassured' or should make you fear incompetence may have generated errors in the other direction you won't know about until they bite you.anita bahth wrote: ↑Sun Feb 27, 2022 11:32 am Shouldn't people be concerned that their life savings are at a company whose IT they don't trust? If they seem inept, isn't there a nagging worry of the company being hacked? otoh is the thinking that if they have their security set so high that it even annoys regular customers, then it must be extra safe in that sense?
btw there's the opposite thread here somewhere of someone complaining that their bank doesn't require 2FA every time and it made them uneasy. I think they actually left that bank over it.
I think the only thing is to have some diversification among providers for the 'unknown unknown' risks you can't be sure they don't represent. I would never have almost all my assets anywhere. Although with Vanguard it's a pretty big %, albeit divided among several accounts (self, wife, trust and LLC entities). I have a bunch of bank accounts and, almost never logging onto them except at home on my own devices, I don't worry about the few banks that still don't require 2FA.
Re: Anybody know how to make "Yes, I plan to log in from this device in the future" actually work?
I have the same problem - intermittently VG doesn't recognize my computer, even if I log on twice on the same day, same computer, same browser never closed. It's hit and miss, no discernible pattern.
-
- Posts: 1968
- Joined: Sun May 25, 2014 5:55 pm
Re: Anybody know how to make "Yes, I plan to log in from this device in the future" actually work?
My children and their spouses have given me "View Only" permission for their Vanguard accounts. It was easy for them to do, online, with no paper forms or notary signatures required. If your children do the same, it will let you avoid the 2FA hassle.
Re: Anybody know how to make "Yes, I plan to log in from this device in the future" actually work?
First LadyGeek, and now you. Vanguard is losing the bogleheads.org moderator team. Never thought I would see that happen.oldcomputerguy wrote: ↑Sun Feb 27, 2022 6:43 am I just did. Moved all my Vanguard holdings to Schwab. Went extremely smoothly.
Re: Anybody know how to make "Yes, I plan to log in from this device in the future" actually work?
I'm sometimes doing actual transactions they direct, though adding their accounts to the 'family view', read only, would help in some cases.fourwheelcycle wrote: ↑Sun Feb 27, 2022 4:02 pmMy children and their spouses have given me "View Only" permission for their Vanguard accounts. It was easy for them to do, online, with no paper forms or notary signatures required. If your children do the same, it will let you avoid the 2FA hassle.
Re: Anybody know how to make "Yes, I plan to log in from this device in the future" actually work?
Works fine for me, with a cookie manager plugin.
Last edited by rkhusky on Sun Feb 27, 2022 9:02 pm, edited 1 time in total.
Re: Anybody know how to make "Yes, I plan to log in from this device in the future" actually work?
You can also get permission to transact.JackoC wrote: ↑Sun Feb 27, 2022 8:51 pmI'm sometimes doing actual transactions they direct, though adding their accounts to the 'family view', read only, would help in some cases.fourwheelcycle wrote: ↑Sun Feb 27, 2022 4:02 pmMy children and their spouses have given me "View Only" permission for their Vanguard accounts. It was easy for them to do, online, with no paper forms or notary signatures required. If your children do the same, it will let you avoid the 2FA hassle.
-
- Posts: 1968
- Joined: Sun May 25, 2014 5:55 pm
Re: Anybody know how to make "Yes, I plan to log in from this device in the future" actually work?
Only one child sometimes asks me to help with actual transactions. He is computer savvy and screen shares with me so I can walk him through what he wants to do. Once is usually enough for a new type of transaction. Of course, the children can all use our shared Vanguard rep - they don't need me.
Re: Anybody know how to make "Yes, I plan to log in from this device in the future" actually work?
Or the 2FA could just work the way it's supposed to, I could log on with them available to give me the code that comes to their phone, every so many weeks/months, click 'private device' and then be able to log on again without bothering them. The way we used to do it.rkhusky wrote: ↑Sun Feb 27, 2022 8:59 pmYou can also get permission to transact.JackoC wrote: ↑Sun Feb 27, 2022 8:51 pmI'm sometimes doing actual transactions they direct, though adding their accounts to the 'family view', read only, would help in some cases.fourwheelcycle wrote: ↑Sun Feb 27, 2022 4:02 pmMy children and their spouses have given me "View Only" permission for their Vanguard accounts. It was easy for them to do, online, with no paper forms or notary signatures required. If your children do the same, it will let you avoid the 2FA hassle.
Re: Anybody know how to make "Yes, I plan to log in from this device in the future" actually work?
That may violate Vanguard's terms of service. And it's so easy to just get your own login if you all have Vanguard accounts.JackoC wrote: ↑Mon Feb 28, 2022 8:25 am Or the 2FA could just work the way it's supposed to, I could log on with them available to give me the code that comes to their phone, every so many weeks/months, click 'private device' and then be able to log on again without bothering them. The way we used to do it.
Re: Anybody know how to make "Yes, I plan to log in from this device in the future" actually work?
See my earlier post, not interested in comments like that, just noting something which practically worked, now it doesn't.rkhusky wrote: ↑Mon Feb 28, 2022 9:17 amThat may violate Vanguard's terms of service. And it's so easy to just get your own login if you all have Vanguard accounts.JackoC wrote: ↑Mon Feb 28, 2022 8:25 am Or the 2FA could just work the way it's supposed to, I could log on with them available to give me the code that comes to their phone, every so many weeks/months, click 'private device' and then be able to log on again without bothering them. The way we used to do it.
-
- Posts: 2776
- Joined: Sat Feb 21, 2015 1:29 pm
Re: Anybody know how to make "Yes, I plan to log in from this device in the future" actually work?
A few minutes ago, I logged in using about 108 hours after the previous login. I entered the username and password. The login completed without Vanguard sending a security code. The bypass continues to actually work.tibbitts wrote: ↑Wed Feb 23, 2022 11:56 pm I've been able to bypass 2FA for up to about 24hrs, seemingly randomly, with Chrome. I only tried Edge today so I can't say if I'll ever be able to do 24hrs or more with that; my first attempt failed after about an hour. But I'm not counting 24hrs as "working."
Re: Anybody know how to make "Yes, I plan to log in from this device in the future" actually work?
Interesting. I've had 100% failures after 24hrs (sometimes much less) with every browser I've tried, and I log in at least once a day.FactualFran wrote: ↑Mon Feb 28, 2022 1:03 pmA few minutes ago, I logged in using about 108 hours after the previous login. I entered the username and password. The login completed without Vanguard sending a security code. The bypass continues to actually work.tibbitts wrote: ↑Wed Feb 23, 2022 11:56 pm I've been able to bypass 2FA for up to about 24hrs, seemingly randomly, with Chrome. I only tried Edge today so I can't say if I'll ever be able to do 24hrs or more with that; my first attempt failed after about an hour. But I'm not counting 24hrs as "working."
Re: Anybody know how to make "Yes, I plan to log in from this device in the future" actually work?
I’ve gone 6+ months without needing 2FA. But I don’t update my browser or OS very often.
Re: Anybody know how to make "Yes, I plan to log in from this device in the future" actually work?
Well, the point is that whether you want to hear it or not (and it may actually be against the law, IANAL), it WORKS, to some extent. I have Vanguard's POA for my mother's account and for my late MIL trust for my wife. When I do beat the Vanguard guard dogs, all those accounts appear together in one place with simple access, almost as if they were "mine."
When there is a 2FA problem, it's simply me and my phone.