Security Software

Quicken Security Theater

Quicken Password Confirmation

I don’t understand this one. The reason many (most) sites require you to confirm your password is to ensure you typed it correctly when creating your password, otherwise a typo would prevent you from logging back in correctly later. We’ve all “fat fingered” a password before. That simple confirmation step prevents it on creation. How does entering my password twice when logging in provide any additional security? If the password is compromised, the extra field does nothing.

I presume the reason is to make Quicken look/feel more secure than it really is.

I should note that I like Quicken. I like it enough that even though the native Mac version is so disappointing on paper that I never purchased it, I did I purchased the Windows version and continue to use it there. I think that demonstrates my not hating Quicken. It does however have its quirks that just make me wonder what they were thinking.

3 replies on “Quicken Security Theater”

Many online services involving money have a security measure to prevent password guessing. Usually, three times of consecutive failures will get you locked out, just as the result if you enter three wrong codes in ATM. As you mentioned ‘we’ve all “fat fingered” a password before,’ this probably tries to help you to make sure you do enter your password correctly, therefore you won’t have used one attempt of three. (And prevent unfortunately fat fingers continuing, the chance is slight, but it’s still possible if the fingers are really fact :D)

@Yu-Jie Lin: Interesting theory, but I doubt it. They all have password recovery and “verification” options down to a fine science because of that.

It is not about entering the pw twice when logging in but when setting it up. i u enter the password incorrectly and attempt to download transactions, you would lock yourself out of your account

Leave a Reply

Your email address will not be published. Required fields are marked *