For months, E-Trade had been pestering me to take advantage of their new multifactor security system for accessing my accounts on their site. And I’d resisted. Honestly, my financial sites are about the only ones where I make an effort to create passwords that would be difficult to crack. But they still make me nervous.That’s why I’d avoided using Yodlee-powered account aggregation tools to track my accounts at multiple sites. (I’d get set up and then have night-sweats imagining all my accounts being drained simultaneously by some Yodlee-defeating hacker. The next day, I’d kill the Yodlee account in a panic. Yes, this has happened more than once.)It’s also why I like that my credit-card issuer now takes the “Is This Your Image?” approach to security. It’s not perfect, but I feel better. SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe I used to use the Greasemonkey-based Password Composer to create unique passwords for my banking sites, but a few security flaws in the system caused me to drop that fun little tool. But then came the dongle option. I had to admit, it looked cool. But years ago, my wife had to use one of these same kinds of “time synchronized security key” gadgets (though hers was the size of a pager–mine fits nicely on my keychain). I remember it as being clumsily integrated, unreliable, and simply a pain to deal with on a regular basis. So I wasn’t sure I wanted to tie my banking to such a device. Hang around Scott Berinato enough, however, (he’s a senior editor at our sister site, CSOonline.com), and you’ll begin to get seriously paranoid about online banking. So I took the plunge and ordered the security dongles. They sat on a shelf for a couple weeks before I finally activated them. But after I did, I felt…relieved. The integration with the standard login is easy enough. You just enter your username and then tack the current six-digit number from the dongle onto your existing password. It’s simple, and it hasn’t failed since. It does mean that I can’t use those account aggregators anymore, but they scared me anyway. And there’s something kind of calming about having the security ID on my keychain. In fact, it makes me wish that I could sync the same token to other accounts. (Having one of these on my keychain is fine–but if I needed a dozen, I’d need bigger pockets.)I keep waiting for the key to cause me a “bad experience,” but so far, I’ve been pleasantly surprised. What do you know; a technology that actually seems to work as advertised! (For more on E-Trade, take a look at Susannah Patton’s recent story on what makes the online bank tick.) Related content feature Mastercard preps for the post-quantum cybersecurity threat A cryptographically relevant quantum computer will put everyday online transactions at risk. Mastercard is preparing for such an eventuality — today. By Poornima Apte Sep 22, 2023 6 mins CIO 100 CIO 100 CIO 100 feature 9 famous analytics and AI disasters Insights from data and machine learning algorithms can be invaluable, but mistakes can cost you reputation, revenue, or even lives. These high-profile analytics and AI blunders illustrate what can go wrong. By Thor Olavsrud Sep 22, 2023 13 mins Technology Industry Generative AI Machine Learning feature Top 15 data management platforms available today Data management platforms (DMPs) help organizations collect and manage data from a wide array of sources — and are becoming increasingly important for customer-centric sales and marketing campaigns. By Peter Wayner Sep 22, 2023 10 mins Marketing Software Data Management opinion Four questions for a casino InfoSec director By Beth Kormanik Sep 21, 2023 3 mins Media and Entertainment Industry Events Security Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe