Quicken allows transaction download without vault password
Bill West
Member ✭✭✭
Running the latest version of Quicken Deluxe on Windows 10. I have many accounts for which I download transactions via the 1-step Update command and I always get prompted for my vault password.
However, if I select an individual account and go over to the gear and select "Update now", it proceeds to download the transactions without prompting for the vault password. This method is allowed for all Express Web Connect accounts. My Direct Connect accounts still require the vault password.
Shouldn't this backdoor method be fixed?
Quicken Version R 41.10 Build: 27.1.41.10
However, if I select an individual account and go over to the gear and select "Update now", it proceeds to download the transactions without prompting for the vault password. This method is allowed for all Express Web Connect accounts. My Direct Connect accounts still require the vault password.
Shouldn't this backdoor method be fixed?
Quicken Version R 41.10 Build: 27.1.41.10
Tagged:
0
Comments
-
@Bill West - try this. Close and reopen Quicken. Do an "Update Now". It should ask for a vault password. The reason why it doesn't ask for a vault password because you are doing it right after you do a one step update. The vault password is only required once during a session.0
-
Bill West said:Running the latest version of Quicken Deluxe on Windows 10. I have many accounts for which I download transactions via the 1-step Update command and I always get prompted for my vault password.
However, if I select an individual account and go over to the gear and select "Update now", it proceeds to download the transactions without prompting for the vault password. This method is allowed for all Express Web Connect accounts. My Direct Connect accounts still require the vault password.
Shouldn't this backdoor method be fixed?
Quicken Version R 41.10 Build: 27.1.41.10
To prevent someone from importing transactions, I suggest you secure access to the Quicken file.0 -
That is interesting. I never noticed that before because I don't usually run a "Connect Now" without doing an OSU first, and only if there is an issue with the OSU. Also, most of my connections are DC. I never understood the need for a vault password. If I remember correctly, the old versions of Quicken didn't require one. As @Sherlock mentioned you can secure your date file with a password, and thus prevent access to the OSU.0
-
Damian said:That is interesting. I never noticed that before because I don't usually run a "Connect Now" without doing an OSU first, and only if there is an issue with the OSU. Also, most of my connections are DC. I never understood the need for a vault password. If I remember correctly, the old versions of Quicken didn't require one. As @Sherlock mentioned you can secure your date file with a password, and thus prevent access to the OSU.0
-
Thanks @Sherlock, I must have remembered incorrectly that there was no vault password.0
-
Hi @Damian @Sherlock
Thanks for your comments. Honestly, I never noticed that Quicken stopped storing "express connect" passwords in the vault. This must have changed when they changed the update process to use "a new aggregation platform". Although I understand why they did it, the one thing I don't like is that you can't cancel a hung/long running update without killing Quicken.
I've been using Quicken since 2002 & seen many changes over the years - especially after Intuit's spinoff of Quicken to a standalone company. I can live with this - it's just strange that the passwords are now stored in 2 places (vault and a cloud server) and the documentation on the differences is pretty buried. I'm not sure it was ever announced that they were changing the storage methods but I did find it in the online documentation:
https://www.quicken.com/support/why-dont-i-need-enter-my-bank-password-download-my-bank
Thanks again for your responses.0
This discussion has been closed.