I find this quite annoying too. If 2FA is not enabled they basically forced it to be enabled. - You are free to make a choice as long as it is the choice I tell you to make.
They have been doing the same thing to me the past 2 weeks. I emailed support and they said I needed to call and talk to someone about having it disabled. I verified it is switched off in my settings so I'm wondering what is going on also.
I like 2FA and use it for most of my financial accounts. But my issue with M1’s 2FA is comparable though - when I set it up, I had to authenticate every login (as opposed to only on new devices / only after x days).
M1 behaves exactly like my Fidelity and Vanguard accounts with 2FA enabled. I have to enter the six-digit token on each login. So I would disagree that "no other financial institution does this by default." It is the common, best-practice for a brokerage, where you may have significant assets to protect.
I find this quite annoying too. If 2FA is not enabled they basically forced it to be enabled. - You are free to make a choice as long as it is the choice I tell you to make.
They have been doing the same thing to me the past 2 weeks. I emailed support and they said I needed to call and talk to someone about having it disabled. I verified it is switched off in my settings so I'm wondering what is going on also.
Enable 2FA and you won't have to mess with the email. Good security practices are always welcome features.
I like 2FA and use it for most of my financial accounts. But my issue with M1’s 2FA is comparable though - when I set it up, I had to authenticate every login (as opposed to only on new devices / only after x days).
yeah just noticed this as well. painful
M1 does a lot of shit no other financial institution does… like making you prove you moved versus just letting you update your address. lol
I updated my address just fine.
Their stupid security goes too far making users do less secure things
M1 behaves exactly like my Fidelity and Vanguard accounts with 2FA enabled. I have to enter the six-digit token on each login. So I would disagree that "no other financial institution does this by default." It is the common, best-practice for a brokerage, where you may have significant assets to protect.