It seems like financial companies are competing to see which one can “reinvent the wheel” first and in the most unconventional way. I needed to change something in my Fidelity account, where I handle my pension contributions. I log in, but the 2FA fails because, for some reason, they have my number incorrectly listed, so I can’t receive the SMS to log in. Okay, these things happen. But then they ask me to enter a code that the operator will give me if I call phone number XXX. So I call.
To get to this operator, you need to enter your SSN using the phone keypad, which is a bit of a stretch, but still normal. Usually, they just ask for the last four digits. But that’s not enough. Their robot asks me to enter my password! From the phone keypad! The very one I use on the web. How do I do that — literally pressing the keys ABC, DEF, etc. And my password is long, I at least need to see it in front of me. Okay, I managed to find it (meanwhile the robot tries to hang up because it thinks I’ve frozen). I laboriously entered the password. Clearly, things like case sensitivity aren’t considered, and luckily, my password doesn’t contain special characters that aren’t on a phone keypad — I can’t even imagine how I’d enter them.
It doesn’t go through! Damn, I have to repeat it. Last attempt, it says. Enter it again. I entered it a second time, this time correctly. The robot thanked me and said they are currently off, so goodbye.
In another service, UBS, I’m constantly asked to change not just the password, but also the username. In a third service, you can’t recover a password, you can only call to reset it, and they send the temporary password in plain text via email, and it’s not temporary at all.
Hi, I'm Rauf Aliev. 