Schwab Password Length
Phil Derkum
Member ✭✭
Attempting to change Schwab password in my Password Vault I receive an Error Message telling me that a password longer than 14 characters is not allowed
This is not a Schwab limitation!
This is not a Schwab limitation!
0
Comments
-
It may be the limitation Schwab provided for Quicken access. If you haven't already, I suggest you refresh the financial institution's profile: https://www.quicken.com/support/quicken-currently-unable-verify-financial-institution-information-download
If the issue persists, I suggest you deactivate the Online Services of all of the registers associated with the financial institution. After you have deactivated the Online Services of all the registers associated with the financial institution, when you activate the Online Services of one of the registers, Quicken should allow you to save the new password to the Password Vault. Quicken should provide a list of all of the accounts it finds at the financial institution and enable you to link the accounts to the appropriate existing registers.-1 -
Hi @""Phil Derkum" ,A Password Length of 14 Characters is long enough.Go to: https://www.roboform.com/ Get RoboForm Free. It has a Password Generator included.Go to: https://www.schwab.com/public/schwab/client_home and sign in. Change the password to a length of 14 characters. Include Special Characters other than the Special Characters, mentioned at: https://www.quicken.com/support/password-vault-your-bank-could-not-use-password-you-entered
"The cause could be that the bank account login password uses special characters that interfere with Quicken's ability to download transactions. These special characters can be (but are not limited to) the ampersand (&), left carat (<), right carat (>), backslash (\), and forward slash (/).
- Log in to your bank's website.
- Change your password to use characters other than special characters (such as &, <, >, \, or /). "
thecreator - User of Quicken Subscription R53.16 USA
Windows 10 Pro 32-Bit Build 19045.3693
Windows 10 Pro 64-Bit Build 19045.3754
-1 -
QUICK BUT INCORRECT ANSWER.
For those of us that have large Schwab accounts 14 is not enough. My current online Schwab password is 19 characters.
Definite bug in Quicken0 -
Phil Derkum said:QUICK BUT INCORRECT ANSWER.
For those of us that have large Schwab accounts 14 is not enough. My current online Schwab password is 19 characters.
Definite bug in Quicken
https://random-ize.com/how-long-to-hack-pass/?
It says it will take more than 49 billion years to crack it with brute Force guessing.
But frankly this is a whole useless line of thought. Financial institutions lock your account after about three wrong guesses.Signature:
This is my website: http://www.quicknperlwiz.com/0 -
I'm guessing that Schwab is overloaded and is throttling some capabilities to protect their system. I have run into a side effect of their throttle.0
-
BTW don't take my answer to mean I don't think that Quicken (more likely Intuit) doesn't have a problem. I was only commenting about what is "secure".
The way I understand the system working is that Quicken Inc pays Intuit to maintain such information which it gets from the financial institutions. And it provides that information to Quicken when is suppose to use it to determine what is "good password" or not.
Needless to say there can be a "breakdown" of this information getting passed along.
Personally I think it is all the wrong approach. Quicken shouldn't be the "checker of good passwords". They should just accept any password (with in the limitation of the OFX standard which is 32-characters) and let the financial institution reject the password when connecting if it isn't a "good password".
But of course if they are going to have such a system, they do need to maintain it, and if the financial institution is allowing 19 character then that information should get to Quicken be correct.Signature:
This is my website: http://www.quicknperlwiz.com/0 -
I'm posting an update to my comment above now that I have some new information. Information that I never knew before and I don't think any of the other SuperUser's know.
"A little birdy" pointed out this information his OFX log:<SIGNONINFOLIST><SIGNONINFO><SIGNONREALM>Schwab<MIN>6<MAX>234<CHARTYPE>ALPHAANDNUMERIC<CASESEN>Y<SPECIAL>Y<SPACES>Y<PINCH>N<CHGPINFIRST>N</SIGNONINFO></SIGNONINFOLIST>
So clearly at least for Direct Connect (which would be all investment accounts) the financial institutions are actually sending their password requirements. This information doesn't have to come through Intuit, and as such if it is out of date/wrong and Quicken is using it (and I see not reason why it wouldn't be using it) the clearly it should be an easy look in the OFX log kind of operation to see if it is wrong. And if it is then it is the financial institution that has to fix it.
This information isn't available for Express Web Connect accounts so most likely "through Intuit" and refresh the financial institution recommendations are correct for the accounts connected that way.
And given for Direct Connect that this information is coming directly from the financial institution it does make sense that Quicken "pre checks it" instead of just sending the "illegal" password as the user typed it and having it rejected.
BTW in reference to Charles Schwab. I don't have such an account, but the above information from the "little birdy" does, and clearly there isn't a 14 character restriction and he did test that in fact passwords greater than 14 characters work just fine.Signature:
This is my website: http://www.quicknperlwiz.com/1
This discussion has been closed.