All these security devices are still susceptible to being hacked, although for limited periods and only by a very determined hacker. This is why IB can make you wait upto 72 hours if want to change your banking instructions even if you login with the device. However they are still better than only using a password for security.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.
You should upgrade or use an alternative browser.
IB - Why Not a USB Security Device
- Thread starter QuantPlus
- Start date
All these security devices are still susceptible to being hacked, although for limited periods and only by a very determined hacker. This is why IB can make you wait upto 72 hours if want to change your banking instructions even if you login with the device. However they are still better than only using a password for security.
That's not how it works. You log in normally, then as one extra step, keypunch in the eight digit code provided by the device. Quite simple, actually.Quote from QuantPlus:
Thanks for your post.
The exact Security Device IB uses is the following:
http://images.google.com/imgres?img...?q=safeword+platinum&svnum=10&um=1&hl=en&sa=N
The main disadvantage...
Is that you have to enter an 8 digit code...
And then get an 8 digit alphanumeric response...
That one then enters into the TWS login screen.
This is time limited at about 20 seconds...
And after 4 incorrect tries it locks up for 2 hours.
It's harder than it sounds to do.
It would be IMPOSSIBLE for any number of disabled or sick people.
Since a brute force attack would require millions of tries...
Time limiting to 20 sec and 4 attempts is INSANE...
It just punishes the trader...
And drives up IB's Customer Service bill.
A USB device could just plug into any USB port...
And the TWS platform could scan for it.
Also...
It's hard to get good information from IB...
But after talking to about 4-5 people...
Hers are some facts:
(1) Anyone locked out can call the Hotline at (213) 618-4006...
And have your account switched over to a temporary 7 day password.
(2) Typical wait time on Hotline is < 5 minutes.
(3) You can OPT OUT of this device ** for logging in and trading **...
By filling out an OPT OUT form...
But will still need it for withdrawals.
Over and out.
Huh? That is what IB uses;Quote from scurvy:
I just re-read your post and now fully understand just how poor IB's implementation of this very standard security practice is.
They're doing it in a non-standard (and very flawed) way.
The industry standard, accepted way of using it is to replace (or augment) the passphrase component of a login. So you type in your username and your passphrase is a personal 4 digit PIN that you pick prepended to the random digits that show up on your fob. There isn't another challenge after that, you're in. The three-factor authentication (username, PIN, and security fob) is generally considered to be highly secure. Some places where username matches email address (thus making it kinda bunk) do four-factor: username, passphrase, PIN + fob.
From what I've read about IB and their service, this is par for the course.
1. User name
2. Password (can be lengthy w/numbers and characters)
3. Passcode from the device.
THa device is a dongle for software developers to prevent bootleg copies being used.Quote from QuantPlus:
I think the IB Security Device is terrible.
Can someone please explain...
Why they would chose an out-dated hand held device...
Instead of a USB device like this one:
http://mktg.safenet-inc.com/mk/get/req_rm_form_shk_lp?gclid=CJbq_cnYmo4CFQM1PwodU25wXQ
And please don't give me...
That "someone will break into my office and use my trading account"...
Because that is crazy.
Otherwise, in addition to not being able to use it on a handheld or phone,suppose you're out of the country at an Internet Cafe, they may not have an USB port offered.
Quote from OldTrader:
I don't think anyone "sick" would have any difficulty, although I question whether one should be trading "sick".
Disabled might have a problem, depending on the disability. And if that is the case, they can opt out.
OldTrader
This is a truly HEARTLESS post.
I'm sure IB has a job for you in Tech Support.
I have had at least 5 friends is wheelchairs, etc over the last few years...
For whom it would be completely impossible to use any of these IB devices.
Anyone sick or disabled would have years to develop trading systems they can use...
That would not be subject to artificial 15 second deadlines invented by 26 year old programmers...
So that comment of yours is especially, spectacularly stupid.
The OPT OUT letter is full of catch 22s...
It's extremely threatening...
Where IB says they will not reimburse you for any fraudulent losses however caused.
Since IB gives one no reasonable alternative to the Security Devices...
And these devices DISCRMINATE against handicapped people...
(Just like you, Old Trader)...
They are clearly illegal in Canada...
And this type of thing is taken VERY seriously here in Socialist Paradise.
It would probably take one letter to the Human Rights Commission...
For IB to be hauled out onto the carpet...
And be forced to change their Draconian behavior.
Quote from QuantPlus:
I have had at least 5 friends is wheelchairs, etc over the last few years...
For whom it would be completely impossible to use any of these IB devices.
Since IB gives one no reasonable alternative to the Security Devices...
And these devices DISCRMINATE against handicapped people...
(Just like you, Old Trader)...
Would these wheelchair people be unable to use the passcode card that IB has made available? It requires no special skills except the ability to read.
You seem to be unaware of it based on your remarks above.
Jack
If you put a USB device into a computer and that computer is hacked, then the security is just pointless. Those USB security devices are mainly used to enforce software licensing. The good thing about the devices they use is that they are totally independent of any computer.
I'm surprised that everyone thinks they are smarter than the folks at IB.
I'm all for a large-button and large-screen version for disabled folks. The credit-card sized one doesn't look too bad though on the webpage. Seems like if you could read and trade on the computer you could use it.
I'm surprised that everyone thinks they are smarter than the folks at IB.
I'm all for a large-button and large-screen version for disabled folks. The credit-card sized one doesn't look too bad though on the webpage. Seems like if you could read and trade on the computer you could use it.
that particular USB device protects against piracy and won't serve the purpose we need.
what you need is a USB device that is uniquely coded for your account not for your installation of TWS. you would not be able to log on without the device. but you can use it with any installation of TWS.
the USB device i described is the best, most convenient solution for those who trade manually through their computer. the current token solution is the most versatile (it works with phones) but one of the least convenient.
what you need is a USB device that is uniquely coded for your account not for your installation of TWS. you would not be able to log on without the device. but you can use it with any installation of TWS.
the USB device i described is the best, most convenient solution for those who trade manually through their computer. the current token solution is the most versatile (it works with phones) but one of the least convenient.
The device I received from IB doesn't require any standing or walking. In fact, I think 99.99999% of its usage would occur while sitting... and it works with any kind of chair, bench, pew, wheelchair, hassock, stool, lawn chair, etc., etc., etc.Quote from QuantPlus:
I have had at least 5 friends is wheelchairs, etc over the last few years...
For whom it would be completely impossible to use any of these IB devices.