r3fresh - Latest Comments in How Secure is Mint.com?

Re: How Secure is Mint.com?

Maria — Thu, 04 Sep 2008 20:11:28 -0000

Can't trust this new site just yet especially when it requires banking passwords.

Nooopppp!!

Re: How Secure is Mint.com?

Amy — Thu, 28 Aug 2008 06:47:40 -0000

Agreed! I was skeptical of the safety of Mint.com, and this confirmed it for me. Thx!

Re: How Secure is Mint.com?

Justin Goldberg — Mon, 21 Apr 2008 23:24:16 -0000

Is it possible to store the info in a hashed form, where it is only one-way encrypted? I guess that depends on how yodlee works exactly. Shouldn't the mint.com sock puppets and astroturfers be somewhere close by?

Use a different password for paypal, the bank, ebay, etc....

Re: How Secure is Mint.com?

Loren — Tue, 15 Apr 2008 00:37:17 -0000

Thanks for your input Jeremy. It's only a matter of time before Mint is hacked into. I had a card that I used with Mint, but I got it changed very soon after.

Re: How Secure is Mint.com?

Jeremy — Mon, 14 Apr 2008 19:50:40 -0000

I gave it a try. It doesn't do enough to warrant my trust. Plus they say they do not store your info but, as a web app builder, I have to point out that it is impossible for them NOT to store your info. It is stored in some format, possibly in an encrypted format, but that encrypted format is obviously a format that can be used to access your account info...otherwise, how do they do it? think about it. Also, here is the thing that scared me away. I used the Forgot Password feature. It sent me an email and the link in the email takes you right to a place where you can change your password. No extra security features. So if somebody hijacks your email (which is soo much easier than you might think) they will be able to quickly get all your mint info just by clicking a couple links. WATCHOUT.

BTW, another security tip. If you use your email address as a login at ANY site, never use the same password for as you need for your login. Your password is often stored in a raw format in a db where admins can just see it, and log directly into your email account. I have seen this with my own eyes, databases with thousands of email address / password combos, where probably 50% are using the same password as their email yahoo or gmail account.

Re: How Secure is Mint.com?

Rose — Fri, 14 Mar 2008 10:26:16 -0000

Whoops, I meant to say moneydance. Steve Ballmerian slip.

Re: How Secure is Mint.com?

Rose — Fri, 14 Mar 2008 10:21:06 -0000

The developer of monkeydance personal finance manager has been trying to get banks to allow his program access for years. I bet that someday banks will be forced to have some kind of universal api that works with every bank (securely of course)

Re: How Secure is Mint.com?

lazysupper — Mon, 10 Mar 2008 20:42:20 -0000

I signed up for Mint. I thought I'd be able to use nicknames for my accounts, credit cards, and loans. I was stunned when they asked for my bank account numbers, passwords, etc.

They are using Yodlee as their back-end, saying Mint does not store your info. However, they "access" your info and accounts "from time to time" to update your Mint account.

They require a lot of faith in their encryption and security.

For now... not a chance.

Re: How Secure is Mint.com?

Justin Goldberg — Tue, 29 Jan 2008 16:22:12 -0000

I should have said banks web interface

Re: How Secure is Mint.com?

Justin Goldberg — Tue, 29 Jan 2008 16:21:39 -0000

It gets its data from your banks interface correct?

In any case, banks need to open up their data with a secure, non-proprietary api for things like this. The developer of moneydance personal finance manager has been trying to get banks to allow his program to do the same function for years without the extreme cost.

Re: How Secure is Mint.com?

ob81 — Thu, 11 Oct 2007 05:58:08 -0000

I brought this point up when it was still n beta. I don't trust it. I don't even give all my info to my wife