Quicken Community is moving to Single Sign On! Starting 1/22/21, you'll sign in to the community with your Quicken ID. For more information: http://bit.ly/CommunitySSO

Password Length Limitation of Quicken

mcoile
mcoile Member
edited January 15 in Login and Passwords (Mac)
Feature Request: Could Quicken please allow longer passwords than 16 characters to be used? I like to use strong passwords, particularly for banking.

Specific issue: I was unable to link my Fidelity IRA and 403(b) accounts to Quicken for Mac. I spent half an hour on hold with Fidelity and then the better part of an hour doing troubleshooting with Fidelity, only for them to conclude that I was entering the right username and password in the right spot in Quicken, and that I would need to ask Quicken Support.

I called Quicken Support, who spent a half hour walking me through the same exact steps as Fidelity did (make a new user file, etc), then told me that I was doing everything correctly and I needed to talk to Fidelity support. Of course, I had already done this. I then asked the friendly support guru how long the maximum password length was that Quicken could transmit to the bank and he said "16 characters." This should have been brought up in support somewhere, but even more perplexing is why the limit exists in the first place. I changed my password to 16 or fewer characters, and then was able to successfully link my Fidelity and Quicken accounts. The Fidelity support guy (Diego) said that the Quicken community is the place to request a feature change, so I am posting here. Could Quicken please allow longer passwords? Thanks!
1
1 votes

New · Last Updated

Comments

  • Chris_QPW
    Chris_QPW Member ✭✭✭✭
    The limitation comes from Fidelity not Quicken.  I believe both Quicken Windows and Mac adhere to the OFX standard of a max of 32 characters. but the that is if the financial institution doesn't restrict it more.  Here is the information Fidelity sends about this from the OFX log.

                    <SIGNONINFOLIST>
                        <SIGNONINFO>
                            <SIGNONREALM>ca71b298cc5711d0b0c39b012cb0aa77
                            <MIN>6
                            <MAX>20
                            <CHARTYPE>ALPHAORNUMERIC
                            <CASESEN>N
                            <SPECIAL>Y
                            <SPACES>N
                            <PINCH>N
                            <CHGPINFIRST>N
                        </SIGNONINFO>
                    </SIGNONINFOLIST>
     
    So in fact you should be able to use 20 characters.

    But I will also state that there isn't anything "insecure" about a 14 character password.  A brute force attempt to guess a random 14 character password would take about 49 billion years with current computer speeds, but it is irrelevant.  Fidelity will lock your account after about 3 tries.
    Signature:
    (I'm always using the latest Quicken Windows Premier subscription version)
    This is my website: http://www.quicknperlwiz.com/
  • jacobs
    jacobs SuperUser, Mac Beta Beta
    Chris_QPW said:
    But I will also state that there isn't anything "insecure" about a 14 character password.  A brute force attempt to guess a random 14 character password would take about 49 billion years with current computer speeds, but it is irrelevant.  Fidelity will lock your account after about 3 tries.
    All true. But… if people use a system of long passcodes or a password manager to generate long passwords, there's really no reason Quicken shouldn't accommodate them. In the old days, passwords on some systems were limited to 8 or 10 or 12 characters, until the IT world switched to saying long password or "pass phrases" are better and more secure.

    I would think 32 characters should be enough for anyone, so if it's correct that the limitation is set by the financial institution, then the pressure should be on them to change. However, although you showed that the OFX from Fidelity allows up to 20 characters, Quicken Support said the limit is 16 characters. So it's possible that the Quicken app is limiting passwords to 16 character. Or it's possible that the Quicken support agent was wrong about there being a 16-character limitation. (I'm not going to post odds on which of those is likely to be wrong. ;) )
    Quicken Mac Subscription • Quicken user since 1993
  • Ps56k2
    Ps56k2 SuperUser ✭✭✭✭✭
    edited January 15
    Did a quick look at our OFX -
    Fidelity - 20
    TRowe - 32
    Vanguard - 20
    Schwab - was missing the related markup text - wonder why ?
    Quicken 2020 Deluxe - Subscription - Windows 10
  • Justin K
    Justin K Member
    This isn't limited to the MAC version. The PC version also has this issue. I want to ensure my financial accounts are secure as well and have a long password, Quicken doesn't support it, not very reassuring.
  • Chris_QPW
    Chris_QPW Member ✭✭✭✭
    edited February 21
    jacobs said:

    However, although you showed that the OFX from Fidelity allows up to 20 characters, Quicken Support said the limit is 16 characters. So it's possible that the Quicken app is limiting passwords to 16 character. Or it's possible that the Quicken support agent was wrong about there being a 16-character limitation. (I'm not going to post odds on which of those is likely to be wrong. ;) )
    I see I never addressed this comment.  My Fidelity password is 19 characters long.
    So, so much for the "16-character limitation" that basically came out of nowhere.

    And as for making it longer than what the financial institution allows, talk to the financial institution.  That goes for situations where you want a longer password or if they allow one thing on their website, but send a different requirement for Quicken.  They are the ones sending the information, at least for Direct Connect accounts.
    Signature:
    (I'm always using the latest Quicken Windows Premier subscription version)
    This is my website: http://www.quicknperlwiz.com/
  • Chris_QPW
    Chris_QPW Member ✭✭✭✭
    P.S. I'm a Quicken Windows user.  Because this is a restriction coming from the financial institution it is the same for Quicken Mac or Quicken Windows.
    Signature:
    (I'm always using the latest Quicken Windows Premier subscription version)
    This is my website: http://www.quicknperlwiz.com/
  • Ps56k2
    Ps56k2 SuperUser ✭✭✭✭✭
    edited February 21
    Justin K said:  I want to ensure my financial accounts are secure as well and have a long password, Quicken doesn't support it, not very reassuring.
    Its the FI that is telling Quicken what they will allow - down't blame Quicken -
    Did a quick look at our Quicken Windows OFX log file -
    Fidelity - 20
    TRowe - 32
    Vanguard - 20
    Schwab - was missing the related markup text - wonder why ?


    Quicken 2020 Deluxe - Subscription - Windows 10
  • Chris_QPW
    Chris_QPW Member ✭✭✭✭
    Ps56k2 said:
    Schwab - was missing the related markup text - wonder why ?
    I looked it up in the OFX standard, and this information is optional.
    I wonder how Quicken treats it.  I would imagine it has no restrictions other than the OFX standard of no more than 32 characters.
    Signature:
    (I'm always using the latest Quicken Windows Premier subscription version)
    This is my website: http://www.quicknperlwiz.com/
  • Chris_QPW
    Chris_QPW Member ✭✭✭✭
    edited February 21
    BTW since you have have upper and lower characters (52 characters) plus all the digits (10) plus at least a few "special" characters you have about 65 possibilities per digit.  If you multiply 65 times for every digit that gives you the number of combinations.  So for 14 digits here is the number of combinations:
    24,031,838,291,621,636,962,890,625

    Edit 19 digits:
    2,788,391,667,128,460,141,519,546,508,789,100

    Now with either of these guess my password in three tries.
    Signature:
    (I'm always using the latest Quicken Windows Premier subscription version)
    This is my website: http://www.quicknperlwiz.com/
Sign In or Register to comment.