PEEBS.ORG – An Open Letter to Stop storing my bank credentials!

I love They have spectacular visual design, a great product, an entertaining and informative blog, and a great iPhone app. I know tons of people who love, and yet, when surveying my digital life with a critical eye, I know of no greater security risk than It’s still astounding to me that Mint could grow from a small startup to being acquired by Intuit in the space of a few years and essentially retain unlimited liability by storing user’s logins and passwords to their entire financial lives. Yikes. If I were turned to the dark side, I would immediately attempt to hit Mint for their millions of users credentials which provide me completely unfettered access to their accounts, most of which are not FDIC insured. This means that when someone hacks Mint, they’ll be able to pull out all of my money, transfer it, etc., and I’ll be responsible because from the financial institution’s perspective they aren’t liable for me entrusting my credentials to a third party.

via PEEBS.ORG – An Open Letter to Stop storing my bank credentials!. I know all this, that Mint is an obvious security hole in keeping my personal digital life secure but I keep using them. What does that say about a company which I recgonize as a security hole in my life but I keep using them? The author is right though, people desire the abilities and tools Mint provides but the banking institutions really need to provide a third party authentication solution like OAuth which grants Mint and other sites read only access to the data.



, ,



Leave a Reply

Your email address will not be published. Required fields are marked *