# TD Waterhouse Security Upgrade



## fatcat (Nov 11, 2009)

its good to see that they have added two-step verification to web broker login
you can add up to 5 numbers for your two-step login


----------



## pwm (Jan 19, 2012)

Yes, I saw that too. I don't have a mobile phone and wonder how it will work with a land line. Also wondering if it will be mandatory. It looks like it will be.


----------



## like_to_retire (Oct 9, 2016)

pwm said:


> Yes, I saw that too. I don't have a mobile phone and wonder how it will work with a land line. Also wondering if it will be mandatory. It looks like it will be.


It certainly appears it will be mandatory.

You can have a list of numbers for them to send you the code, both mobile and landline. When they require the code, they ask for you to select from your list of numbers previously set up. If you select landline, then the code is sent via voice message at that time. Then you just enter the code. Alternately, if you select mobile at that time, then the code is sent by text.

Appears they will only ask for the code when you change login devices, change passwords, or anything where they question your identity. Otherwise, you would just enter a single password as you do now.

ltr


----------



## OnlyMyOpinion (Sep 1, 2013)

Not a fan of this change. Going to be a PITA.


----------



## stardancer (Apr 26, 2009)

I tried to voluntarily change to the 2 step yesterday, but it didn't work; it also says that EasyWeb login would be changed at the same time


----------



## Koogie (Dec 15, 2014)

OnlyMyOpinion said:


> Not a fan of this change. Going to be a PITA.


+1

EQ Bank already does this. They won't recognize my work computer as a valid device and insist on two step each time. The other day I had to wait 10 minutes for the code to be texted. I got impatient and tried it three times. After 10 minutes.. ding,ding,ding.. three texts in a row.

And EQ Bank is good with tech.... TD ... not so much.

Prediction: clusterf*ck


----------



## like_to_retire (Oct 9, 2016)

Koogie said:


> +1
> 
> EQ Bank already does this. They won't recognize my work computer as a valid device and insist on two step each time. The other day I had to wait 10 minutes for the code to be texted. I got impatient and tried it three times. After 10 minutes.. ding,ding,ding.. three texts in a row.
> 
> ...


Your experience is exactly what entered my mind when I first saw TDDI was going to this method - How long will it take for the text to be sent???

Sometimes I need to get into TDDI fast when I need to buy or sell something (for whatever reason). It would mighty frustrating sitting around waiting for a text message as the market passes you by.

ltr


----------



## pwm (Jan 19, 2012)

Or in my case with a land line only, my wife picks up the phone and hangs up because she thinks it's just another robo-telemarketing call. Or what happens when I sign on at another computer? How will I get the code if they phone my home phone?


----------



## kcowan (Jul 1, 2010)

Our problem is that when we relocate to Mexico, it takes a couple of days to get our Mexican cell phones operational but we want access to our online world right away. So yes it will be a PITA.


----------



## like_to_retire (Oct 9, 2016)

pwm said:


> Or in my case with a land line only, my wife picks up the phone and hangs up because she thinks it's robo-telemarketing call. Or what happens when I sign on at another computer? How will I get the code if they phone my home phone?


You won't be able to get the code if you don't have a mobile phone. It does seem that the assumption today is that everyone has a computer and a mobile phone, and there are increasing situations where there's no way around it if you don't. 

Case in point. A few weeks ago I had to drop my car off at the dealer to leave it for some maintenance work. Normally, my dealership has a van that they use to transport people back home and pick them up later when the car is ready. This time, the dealership tells me they don't have a van anymore, and now they simply give you an UBER code to get home and back, so there's no charge to you. I was already registered with UBER and had the app on my phone, but then I wondered about people without mobile phones. Makes it tough.

Same thing with paying bills today. Pretty tough for someone without a computer.

PWM, it may be time you get a smart phone. :eek-new:

ltr


----------



## humble_pie (Jun 7, 2009)

other brokers have had 2-step signon for years. there won't be any problem. if u move to another device or another zone or another country, just phone a rep. any kind of phone that works.

they'll give you a new code as soon as they can verify your ID. direct to your listening human ears. remember those appendages? they still work


----------



## OnlyMyOpinion (Sep 1, 2013)

like_to_retire said:


> You won't be able to get the code if you don't have a mobile phone. ltr


Are you certain about this though? 
I ask because CIBC has had a similar system when you want to set up a new payee in your chq account. It asks for an email or a phone number and will phone a land line and give a recorded access code via synthetic voice (that you have to write down and then go back to your computer with). We'll have to confirm whether TD will have the option to send the access code via a voice message.

I was helping my Dad out with his last year when this arose. It asked if we wanted to use his email on file or his phone. We first chose his sympatico email account, but the next screen said 'sorry CIBC does not send access codes to this provider'. The landline worked ok if I was there, but since Dad was deaf there was no way he could have even used the voice message by himself.

I realize the value of a another layer of security from TD's perspective, but I agree with you that the propellor heads seem to be assuming that everyone has a cell phone these days. Customer experience for many will suffer with this change.


----------



## Koogie (Dec 15, 2014)

"just phone a rep" It would be a fairly useless system if I had to call in and talk to a rep every time I change login locations. Have you called TDDI lately ? Do you fancy spending 10-30 minutes on hold on the phone every time you want to login ?

I am sure it will work but the TDDI tech department is a regular port of call for the f*ck-up fairy.. so, I am sure they'll get it wrong before they eventually get it right and that even afterwards, there will be lots of "interruptions" in service.


----------



## like_to_retire (Oct 9, 2016)

OnlyMyOpinion said:


> Are you certain about this though?
> I ask because CIBC has had a similar system when you want to set up a new payee in your chq account. It asks for an email or a phone number and will phone a land line and give a recorded access code via synthetic voice (that you have to write down and then go back to your computer with). We'll have to confirm whether TD will have the option to send the access code via a voice message.


TDDI documentation says that they will indeed send a voice message to a landline, but I was responding to PMW's question of how he would get the code if he was away from his home phone, and the only way I know would be by mobile (because the landline number you select to receive the voice message has to be on your previously set up list of numbers), or I suppose as humble says, you could phone them if you could find a phone. Not many pay phones left, but I'm sure you could find one.

ltr


----------



## pwm (Jan 19, 2012)

like_to_retire said:


> You won't be able to get the code if you don't have a mobile phone. It does seem that the assumption today is that everyone has a computer and a mobile phone, and there are increasing situations where there's no way around it if you don't.
> 
> Case in point. A few weeks ago I had to drop my car off at the dealer to leave it for some maintenance work. Normally, my dealership has a van that they use to transport people back home and pick them up later when the car is ready. This time, the dealership tells me they don't have a van anymore, and now they simply give you an UBER code to get home and back, so there's no charge to you. I was already registered with UBER and had the app on my phone, but then I wondered about people without mobile phones. Makes it tough.
> 
> ...


So I will need to become a dopamine-feedback loop zombie like everyone else? Walking into lamp posts? Staring at my phone over dinner? Please say it ain't so!


----------



## like_to_retire (Oct 9, 2016)

pwm said:


> So I will need to become a dopamine-feedback loop zombie like everyone else? Walking into lamp posts? Staring at my phone over dinner? Please say it ain't so!


I'm afraid it is so. Like you, I avoided smart phones for a lot longer than most. I now use it more as a mobile tablet than anything else. It costs me very little. I pay as I go with SpeakOut as my provider. I very seldom use the phone or text part of the phone, although when you need it, it's invaluable. A cell phone gives you security to make a call in an emergency. That's a pretty big feature. Also, you never get lost.

ltr


----------



## OnlyMyOpinion (Sep 1, 2013)

Scenario: You are away from your home & landline but have your laptop with you and are trying to access TD. You don't have a cell phone. A few options might work:
1. Have the access code sent to an on-line email address (like gmail), open another tab to receive it and carry on with TD online.
2. Access your home phone messages online by logging into your phone provider's website, listen to the recording and then carry on with TD online. 
This assumes the call will ring until the answering machine picks up and then the access code will be provided and recorded properly. I don't know if these calls work that way though - they may start talking as soon as the phone gets answered by the answering machine.

I'm hoping option 1 will work smoothly for me, there are far too many zombies in the world these days.


----------



## like_to_retire (Oct 9, 2016)

OnlyMyOpinion said:


> Scenario: You are away from your home & landline but have your laptop with you and are trying to access TD. You don't have a cell phone. A few options might work:
> 1. Have the access code sent to an on-line email address (like gmail), open another tab to receive it and carry on with TD online.
> 2. Access your home phone messages online by logging into your phone provider's website, listen to the recording and then carry on with TD online.
> This assumes the call will ring until the answering machine picks up and then the access code will be provided and recorded properly. I don't know if these calls work that way though - they may start talking as soon as the phone gets answered by the answering machine.
> ...


It would appear that you can only get a text or voice mail - no email codes.

View attachment 18770


They do ask for an email address, but it appears it's only to give you security alerts like when your username or password changes, or when your phone numbers are added or deleted.


ltr


----------



## OnlyMyOpinion (Sep 1, 2013)

Damn, ok thanks. I haven't yet 'dug as deep' as you have.

I wonder, is there such a thing as having an "internet phone number" that could receive a text message, without actually owning a cell phone?
Sort of a skype-type thing?


----------



## Spudd (Oct 11, 2011)

OnlyMyOpinion said:


> I wonder, is there such a thing as having an "internet phone number" that could receive a text message, without actually owning a cell phone?
> Sort of a skype-type thing?


It's not free, but if you set up an account with VOIP.ms you can set it up to receive text messages, and also to forward those text messages to your email. I think that would run you about $1/month. Conveniently, you can also reply to said text messages through your email, so if you wanted to actually text people, it could be used for that as well (assuming they had texted you first... I don't know if you can initiate a text messaging session).


----------



## humble_pie (Jun 7, 2009)

like_to_retire said:


> TDDI documentation says that they will indeed send a voice message to a landline, but I was responding to PMW's question of how he would get the code if he was away from his home phone, and the only way I know would be by mobile (because the landline number you select to receive the voice message has to be on your previously set up list of numbers), or I suppose as humble says, you could phone them if you could find a phone. Not many pay phones left, but I'm sure you could find one.




so sorry ... but if one is roaming w a mobile & wants to access the broker account, why would one need a pay phone

if one is travellin but has no phone (ie needs a pay phone) why bother because how would one access one's account

at other brokers the code does not have to be entered every time one accesses account. Mine (@ other brokers) works effortlessly although breaks down once or twice a year ... at which point their system starts asking the backup ID questions ie what is the name of your favourite niece's pet puppy ... if niece has new puppy or i can't remember i phone broker ... new code ... works fine for another year ... ce n'est pas la fin du monde ...

.


EDIT: suppose one is away from house w only a laptop, no text phone

a) at other brokers the code will work for laptop provided it has already been set up

b) the big green can & does send encrypted e-mails, presumably could send 2-step code this way. In my experience TD encrypted e-mails are hopelessly challenging to open, although AFAIK the green does still send them.




like_to_retire said:


> It would appear that you can only get a text or voice mail - no email codes


----------



## fatcat (Nov 11, 2009)

i wouldn't be too nervous about this

i signed up and received a confirmation to verify my number immediately via landline ... i clicked "call me" and my phone rang within 10 seconds and the voice gave me a 6 digit code which i entered on my laptop

i have been using this system on my google account for years ... you can get a text on your mobile or landline call ... it works flawlessly ... the code is only good for a very short time

with google i upgraded to the authenticator app which does 2-step by having me just launch the app on my phone and i see a 6 digit code which i enter to access my google account ... works flawlessly every time

hopefully td will support authenticator (or even better yubikey ) which will makes things even more secure and easier

it will all be fine and we will have an extra layer of protection for our life savings


----------



## like_to_retire (Oct 9, 2016)

humble_pie said:


> if one is travellin but has no phone (ie needs a pay phone) why bother because how would one access one's account


Laptop through wi-fi.



> b) the big green can & does send encrypted e-mails, presumably could send 2-step code this way. In my experience TD encrypted e-mails are hopelessly challenging to open, although AFAIK the green does still send them.


It appears TDDI will not send codes by e-mail.

ltr


----------



## humble_pie (Jun 7, 2009)

fatcat said:


> ... the code is only good for a very short time



that's what i found at other broker although i would say OK for a few months, more than "a very short time."

after a code expires, OB other broker reverts to the ID questions which i doubt anyone can remember if they're away from home. Sometimes these work, i can persuade system to issue new code. 

.


----------



## humble_pie (Jun 7, 2009)

like_to_retire said:


> It appears TDDI will not send codes by e-mail.



last week the big green was still sending encrypted e-mails. Perhaps they've decided not to use these in the 2-step rollout because numbers of clients have had significant trouble opening the encrypted.


----------



## kcowan (Jul 1, 2010)

OnlyMyOpinion said:


> Damn, ok thanks. I haven't yet 'dug as deep' as you have.
> 
> I wonder, is there such a thing as having an "internet phone number" that could receive a text message, without actually owning a cell phone?
> Sort of a skype-type thing?


Yes I will try Magicjack which I get on my cell phone as long as I am on wifi anywhere. Problem solved.


----------



## fatcat (Nov 11, 2009)

it should work on any number whether magicjack or google phone or whatever ... it is merely a robot speaking whatever digits the computer has specified

with td bank usa i use my iphone and it texts me a code and that works well



> *pie said:*that's what i found at other broker although i would say OK for a few months, more than "a very short time."
> 
> after a code expires, OB other broker reverts to the ID questions which i doubt anyone can remember if they're away from home. Sometimes these work, i can persuade system to issue new code.


with google i have switched to the authenticator app which is easier than the voice call and the authenticator codes only last for a short time, i think as long as the app is open

google authenticator is open source and so td bank could choose to implement it if they chose


----------



## like_to_retire (Oct 9, 2016)

fatcat said:


> ...............with google i have switched to the authenticator app which is easier than the voice call and the authenticator codes only last for a short time, i think as long as the app is open
> 
> google authenticator is open source and so td bank could choose to implement it if they chose


But isn't there a difference between  *two step authentication* (TDDI method we're discussing) and *two factor authentication* that the GOOGLE app you are talking about use?

ltr


----------



## fatcat (Nov 11, 2009)

like_to_retire said:


> But isn't there a difference between  *two step authentication* (TDDI method we're discussing) and *two factor authentication* that the GOOGLE app you are talking about use?
> 
> ltr


good question, they call it a "form" of two factor authentication 



> TD IdentificationPlus, our identity verification platform, is a *form* of two factor authentication . The authentication method employed by Easyweb uses back end systems to detect and stop fraud.


therefore they may or may not be able to use the google authenticator ...

in a practical sense, it is about functionally the same

google authenticator gets it code over the web (i have a data block on my phone) and pops up right away

if you choose the text method you should get a text from td right away and just open your messaging system to get your code

i know with apple that two-step verification is older and inferior to two-factor authentication which is built-in to the apple ecosystem


----------



## james4beach (Nov 15, 2012)

kcowan said:


> Yes I will try Magicjack which I get on my cell phone as long as I am on wifi anywhere. Problem solved.


I think either Magicjack, Voip.ms, or Callcentric should work. You can establish one number (registered with TD) that will either ring your software-based phone or just _forward_ the call to some other phone in the local country. For example, Callcentric configured with a DID number (direct dial-in number) that forwards to another number will cost you $2/month plus a few cents per min for each call. You don't have to use a VoIP phone, and can update the forwarding number through the web site. I've used this while hopping between Canada-Asia-Europe and using local SIM cards in each country. The whole time, a single Canadian phone # reached me (by forwarding to my current cell).

According to their web site, TD can either do text messages or voice calls:



> With Two-Step Verification, you can use either a mobile phone or a land line to receive one-time security codes. Your code can be sent as a text message to a mobile phone, or by voice message to a mobile phone or land line. You can add up to 5 phones to receive one-time security codes, so you can access your accounts no matter where you are.


Even though you could register a foreign phone number, I'd be wary of registering any US phone numbers because this may flag you for suspicion as a US person, leading to FATCA and IRS reporting. If you're going to be in the US as a snowbird or commuter, register a Canadian number, even if that means forwarding every call.

On this government page they mention that banks may try to identify you as a US resident because of a US phone number.

http://www.cbc.ca/news/politics/taxes-internal-revenue-service-fatca-united-states-1.3954789


----------



## Eclectic12 (Oct 20, 2010)

Koogie said:


> ... EQ Bank already does this. They won't recognize my work computer as a valid device and insist on two step each time. The other day I had to wait 10 minutes for the code to be texted ...
> And EQ Bank is good with tech.... TD ... not so much.
> 
> Prediction: clusterf*ck


YMMV ... where my experience is totally different.

For a year + the texts have arrived in less than a minute. As I recall, most of the time, finishing putting in my password then picking up my cell phone to get the text was longer than it took for the text to arrive.

I am not sure why there would be such widely different times - though maybe it is the carrier that is the issue.


Cheers


----------



## Eclectic12 (Oct 20, 2010)

pwm said:


> like_to_retire said:
> 
> 
> > ...
> ...


LoL ... you mean like all people who want to invest in equities have go through a broker paying $200 a trade, right? :biggrin:

I have had a smartphone for at least a decade with no dopamine-feedback loop zombie effects, no walking into lamp posts (I did run into a tree as part of capture the flag game but smart phones didn't exist at that time) and no phone staring at dinner.

At the end of the day, the effects will depend on what you decide on. :eek2:


Cheers


----------



## humble_pie (Jun 7, 2009)

appears the TD 2-step is not going to work like the other broker's 2-step. The other broker at least has kept its security questions & their system uses these to allow a client to obtain a new code when an old code expires or doesn't work.

evidently the big green is going to abolish security questions entirely. 

big green licensed reps won't have any access to the 2-step verification system. Big blue representatives on the other hand are able to tweak their 2-step system to help clients.

the big green system may be 100% digital, as an alternative to text message it might require voice-mail to receive code that will be dialed out by an automated audiobot which will not be able to recognize anything as obsolete as an ordinary human being answering an ordinary phone call.


.


----------



## humble_pie (Jun 7, 2009)

Eclectic12 said:


> For a year + the texts have arrived in less than a minute. As I recall, most of the time, finishing putting in my password then picking up my cell phone to get the text was longer than it took for the text to arrive.



yikes. Eclectic are u signed up so you have to obtain a new verification code every time you log in to the big green?

apparently there is an option to avoid this. The code will be lodged on one's device & then on the TD system will understand that one is the legitimate owner of said code.

not sure what will happen under 2-step when client tries to log into account from different location w different IP addy or - worst scenario - different device.

.


----------



## like_to_retire (Oct 9, 2016)

humble_pie said:


> appears the TD 2-step is not going to work like the other broker's 2-step. The other broker at least has kept its security questions & their system uses these to allow a client to obtain a new code when an old code expires or doesn't work.
> 
> evidently the big green is going to abolish security questions entirely.


Yeah, that's my understanding too.



> the big green system may be 100% digital, as an alternative to text message it might require voice-mail to receive code that will be dialed out by an automated audiobot which will not be able to recognize anything as obsolete as an ordinary human being answering an ordinary phone call.


That's the part I don't really understand. There's a difference between a voice-mail and a voice-message (this is what TDDI will be using). I guess you have to answer your designated phone number when it rings and listen to the robot give you the code.

ltr


----------



## pwm (Jan 19, 2012)

I just signed up for the new TDDI system using my desktop PC, and during the signup process you can do a test phone call. My home phone rang immediately after I clicked the icon and the message was a computer generated voice. There were 6 digits repeated twice. It worked OK, so I signed on from my laptop to see what would happen and there was no extra security for that PC. I have used it before, so they must have it on file. I selected the first option which says they will only use "two step" if you come in on a strange device.


----------



## Eclectic12 (Oct 20, 2010)

humble_pie said:


> yikes. Eclectic are u signed up so you have to obtain a new verification code every time you log in to the big green?


I am not aware of the big green offering this option a year ago plus so I am not sure why you would think so.

In case it wasn't clear - the complaint was about EQ Bank where my comment on performance is also about EQ Bank.


Time will tell whether the big green's version is the same, better or worse but where one EQ Bank client is regularly waiting long times for texts while another is under a minute, it would seem more complicated than how new tech the source system is and what the source system programmer's abilities are.




humble_pie said:


> ... apparently there is an option to avoid this. The code will be lodged on one's device & then on the TD system will understand that one is the legitimate owner of said code.


Up until someone who isn't locking their device has someone else do something with it ... 


Cheers


----------



## james4beach (Nov 15, 2012)

So how is this going to work next time we get a pot stock/bitcoin frenzy like back in January? Is TD's system really going to be able to pump out that many calls & texts for verification over the already-clogged phone systems?


----------



## Spudd (Oct 11, 2011)

james4beach said:


> So how is this going to work next time we get a pot stock/bitcoin frenzy like back in January? Is TD's system really going to be able to pump out that many calls & texts for verification over the already-clogged phone systems?


It will only be needed if people are logging in from devices they haven't used before, not every time you log in. At least that's my understanding. Presumably most people log in from their usual devices most of the time, so the code generation should be minimal.


----------



## m3s (Apr 3, 2010)

fatcat said:


> i wouldn't be too nervous about this
> 
> i signed up and received a confirmation to verify my number immediately via landline ... i clicked "call me" and my phone rang within 10 seconds and the voice gave me a 6 digit code which i entered on my laptop
> 
> ...


Yup

I've used authenticator for years (google, amazon, facebook, twitter accounts etc) I was always surprised Canadian banks don't have dual authentication because banks I used in other countries do

The authenticator app is nice because I change sim/number as I travel or don't want to roam just to get a code


----------



## fatcat (Nov 11, 2009)

humble_pie said:


> appears the TD 2-step is not going to work like the other broker's 2-step. The other broker at least has kept its security questions & their system uses these to allow a client to obtain a new code when an old code expires or doesn't work.
> 
> evidently the big green is going to abolish security questions entirely.
> 
> ...


no it doesn't require voice mail, it will leave a voice mail message with the code but if you pick up the phone it will simply say "hello, your td security code is 555555 for your login" and then repeat the code a couple of time

how often it requires you to do this depends on the security selection you make ... see my image attached below for your choice of security options



humble_pie said:


> not sure what will happen under 2-step when client tries to log into account from different location w different IP addy or - worst scenario - different device.


the security code goes to a phone number not a device ... if you switch your sim card to a new device it will call that device

the whole point of two-step is to create security when people log in from "non normal" ip addresses, thats the point of using two-step verification




james4beach said:


> So how is this going to work next time we get a pot stock/bitcoin frenzy like back in January? Is TD's system really going to be able to pump out that many calls & texts for verification over the already-clogged phone systems?


 how many accounts does google have ? they are granting access to thousands of accounts per second i presume and it has worked flawlessly for me as long as i have had it, close to 3 years at least ... never failed once

though, of course they are google and td is td not exactly cutting edge technology

these are just computers talking to computer robots, they don't get tired and can work pretty fast 


View attachment 18794


----------



## humble_pie (Jun 7, 2009)

fatcat said:


> no it doesn't require voice mail, it will leave a voice mail message with the code but if you pick up the phone it will simply say "hello, your td security code is 555555 for your login" and then repeat the code a couple of time ...
> 
> how often it requires you to do this depends on the security selection you make ... see my image attached below for your choice of security options
> 
> ...




thankx cat

folks not using td app should mostly take the 1st option shown in your jpeg. I'm told do not take 2nd option if you mostly use a base location device. Folks accessing green accounts from both home & work locations would normally be using their own phones for the connect so they'd be ok i assume. Luckily the td says 2-step will be able to recognize up to 5 phone numbers

looks like the problem category wiil be folks who travel w laptop but no smartphone. I imagine there will be a distinct cohort of these - snowbirds - perhaps the td will have to make more new special arrangements for them. 

or the big green could revert to a modification of its old PA client tiers & just plain give phones to HNW clients who need em .each:


speaking of td gifting, i'm told that the big green recently gave gift packages of chocolate & fine tea to selected clients

me i didn't receive any gourmet comestibles, did any cmffers receive belgian chocolates plus fragrant estate teas from TD the discount broker? of course it's possible the big green views cmffers as a fat lot of vulgar beer swills


.


----------



## fatcat (Nov 11, 2009)

i chose option 3 which is the most secure and implements more hassles even though i access 95% of the time from home ... 

i don't log in to tdw so often that having my phone next to me and entering a code is any kind of hassle when it comes to adding another layer of security to the protection of my life savings ...


----------



## james4beach (Nov 15, 2012)

Even if just using a home internet connection to consistently access this, TD will occasionally think your device is new. This will happen when you get a new IP address (which will generally happen every few days or weeks), and/or when you clear all cookies and caches.

You should clear your internet browser cookies and cache pretty much every time you finish banking.


----------



## fatcat (Nov 11, 2009)

james4beach said:


> Even if just using a home internet connection to consistently access this, TD will occasionally think your device is new. This will happen when you get a new IP address (which will generally happen every few days or weeks), and/or when you clear all cookies and caches.
> 
> You should clear your internet browser cookies and cache pretty much every time you finish banking.


i agree on the clearing of cache and cookies james though using private browsing is easier (td now fully supports private browsing)

i don't think the ip address matters, indeed the point of 2-step is that most people log in to banking from multiple ip addresses

the idea is to have "2 factors", something you know, password and usename, and something you have, cellphone or homephone ... the system is ip agnostic i believe since, exactly as you say, ip addresses change constantly


----------



## like_to_retire (Oct 9, 2016)

fatcat said:


> i agree on the clearing of cache and cookies james though using private browsing is easier (td now fully supports private browsing)


Yeah, that's just something I know I won't be doing. I suspect I'm not alone.



> ...the idea is to have "2 factors", something you know, password and username, and something you have, cellphone or home phone ...


That seems smart for sure. A bad guy is not likely to have both something you know and something you have. 

If I look at the TDDI literature on the topic it says:

_To confirm your identity, you may be asked for a one-time security code after you login. 
This confirms it’s really you accessing your account and helps protect your personal information. 
Here are a couple of examples of when you might be asked:

* You login from an unfamiliar device or location
* You reset your password_

So, hopefully, if I login from my home computer I won't be asked too often for this extra code.

ltr


----------



## humble_pie (Jun 7, 2009)

fatcat said:


> i chose option 3 which is the most secure and implements more hassles even though i access 95% of the time from home



just guessing here ... is option 3 the most secure because it does not ever leave any code registered anywhere on one's own device? a new code has to be requested, obtained & temporarily installed for each login?


----------



## fatcat (Nov 11, 2009)

humble_pie said:


> just guessing here ... is option 3 the most secure because it does not ever leave any code registered anywhere on one's own device? a new code has to be requested, obtained & temporarily installed for each login?


no, it would be the most secure since it would require a code each time you log in either via the web (on any td site, banking, insurance or broker) as well as the td app on ios and android

level of security is a function of how often you want to face the code ... i.e under option one, you would only need to provide a code if you log in from a non-normal address ... if you log in from home 90% of the time you won't be required to use a code when login from home but if you log in from a friends house you will be required to use a code

option 2 means you will need a code every time you log in to a td website (broker, insurance and bank) regardless of where you are so that would include home

option 3 adds the td-app to the need for a code

taken together, these 3 options should let most people find a balance of comfort and security

though none of the codes are required ... yet ... i have to believe they will be one day

what is the code ? ... i am not speaking as an expert but i assume it will be a randomly generated 6 digit number (too hard to spoof in a short time since there are a million possibles) that is assigned to your login at the broker and then sent to your phone ... when the system sees a match, you have passed the code part of the login and now need to add the username and password as your other factor


----------



## fatcat (Nov 11, 2009)

like_to_retire said:


> So, hopefully, if I login from my home computer I won't be asked too often for this extra code.
> 
> ltr


you don't need to hope ... just choose option 1 and you will not need a code when logging from a consistent usual computer 

*james said*


> Even if just using a home internet connection to consistently access this, TD will occasionally think your device is new. This will happen when you get a new IP address


on rethink i may be wrong here james, i said that the ip address wasn't important .... but, since td doesn't require a code from home computer on option 1, they must have some way of using a range of ip addresses to determine what is normal/usual/home such that they don't require a code


----------



## m3s (Apr 3, 2010)

fatcat said:


> i said that the ip address wasn't important .... but, since td doesn't require a code from home computer on option 1, they must have some way of using a range of ip addresses to determine what is normal/usual/home such that they don't require a code


From using various 2-factor authentication on various accounts (most by authenticator codes, some by physical device, some by sms which I avoid if possible and one by physical card and even saved codes as backups..) Seems to me there is no rhyme or reason but rather some algorithm working in the background.

Clearing my cache usually triggers 2-factor but travelling seems to depend. It's really not a big deal. My anti-virus automatically bumps me into a private browser when I try to go to any bank site. That saves me from having to clear my cache often. I travel a lot and I rarely have to input the codes.


----------



## humble_pie (Jun 7, 2009)

glitch at the big green

i was doing the 2-step signup ... half-way done ... visitor ... session expired ... on logging back in i got the microsoft page saying Site Cannot be Reached.

re-tried a few times. Tried this-way-n-that-way. No luck. Kept getting this page: webbroker.delta.td.com

the EBS desk says this delta error is already well-known & TD has not yet been able to solve it. There's no cure yet & not even a reliable treatment. Reportedly there are lots of clients who are locked out by the delta error page.

sometimes wait a day or 2 & access might turn green again, says the EBS desk. Try resetting your browser to default although (says EBS desk) that suggestion doesn't work for a lot of folks. Get a different browser. Although they've seen what's now called "the delta problem" appear with every browser.

for now the delta page means i can't log into my account.


----------



## fatcat (Nov 11, 2009)

good article on guessing of passwords by people doing "shoulder surfing" i.e. watching the movements of your fingers when you enter passcodes

https://www.theglobeandmail.com/bus...tecting-your-smartphone-password-think-again/

it ends with something i have wondered about for some time which is why the phone makers don't generate random keypads for each entry ? ... it would force more attention and be a bit more work but add a lot of security


----------



## humble_pie (Jun 7, 2009)

2-step verification registration procedure is a breeze. The TD has designed a walk-you-through-it interface that works well.

an unrelated issue is the glitched "delta" website. TDDI online is occasionally directing random log-ins to this defective addy. The big green is said to be working on the problem.


----------



## fatcat (Nov 11, 2009)

my list of replies for this thread shows the pie posted something at 6:12AM and yet when i open the thread i only see m3s as the last post ... i don't see pie's post at all


----------



## elvajean (Jun 11, 2018)

I wrote to TD asking if we could get our magic code thru an email and they said no! I pointed out my cell phone is not always on me, it can be elsewhere in my house, and then I need to go get it. Granted, it's not a long walk! However, if I am trying to log in, it means I am on my computer and therefore have access to my email! It'd make life simpler if they'd just give you a choice of email or text. But they wont.

I also do surveys to earn air miles and when I have enough points to redeem for air miles I have to deal with the whole magic code thing from them, meaning I need to go get my phone! It's only air miles!!!

So, I think there should be an option for getting an email or a text, and you folks are right, what about those people with no cell phone?


----------



## pwm (Jan 19, 2012)

This thread is "stuck" in my browser at 22-05-2018. A test message to see what happens.


----------



## OnlyMyOpinion (Sep 1, 2013)

pwm said:


> This thread is "stuck" in my browser at 22-05-2018. A test message to see what happens.


Well, thanks for that. Seem to be a few threads with that problem today? ('last post' show's a name that is not there when you click on the link)


----------



## humble_pie (Jun 7, 2009)

elvajean said:


> I wrote to TD asking if we could get our magic code thru an email and they said no!



the TD is going to stick with this refusal because e-mails are not secure. They will never send confidential account information via e-mail.

.


----------



## james4beach (Nov 15, 2012)

There is something going wrong with the CMF web site because this thread was not showing activity. I've messaged the admins about it (similar problems with other threads).

Email is not secure. Actually, SMS is not much more secure as the messages can be easily intercepted using a number of different methods.

Regarding people who have no cell phones... as TD mentions, they can send a verification code by voice, not text message. So you can use a land line and don't need a cell phone for this.


----------



## humble_pie (Jun 7, 2009)

james4beach said:


> Regarding people who have no cell phones... as TD mentions, they can send a verification code by voice, not text message. So you can use a land line and don't need a cell phone for this.



it's the people travelling w sim cards, checking accounts from hotels, restos & airports. How they going to be able to receive a landline phone call.

this is quite a large group of clients. I would imagine TD is trying to figure something out. For example, for those clients only, TD could put em in a special class that can confirm ID by answering the traditional questions. It's not as secure, it would be a regression, but it might be better than losing the clients entirely.

.


----------



## james4beach (Nov 15, 2012)

humble_pie said:


> it's the people travelling w sim cards, checking accounts from hotels, restos & airports. How they going to be able to receive a landline phone call.


To see if I understand, you mean people who go to another country and have picked up some kind of new SIM card while away? (With a new phone # obviously).

I frequently do this in my global travels. My solution has been to use Callcentric with a phone number that I've registered through them, which costs $2/month + a few cents per minute for each forwarded call. As you pick up new SIM cards and new phone #s, you would log into the Callcentric web site and change the forwarding number to reflect the new destination number.

With that set up, TD (or any other place for that matter) could have one phone number registered. You'd configure TD to call this using the land line voice verification, and the phone call would forward to your SIM card _du jour_.

The downsides to this are the small monthly cost to register a number for this forwarding purpose. You'd also have to log into the Callcentric web site (once) to update the destination phone number. Alternatively you can enable SMS messaging through that service and retrieve the SMS through the web site interface, instead of forwarding phone calls.


----------



## humble_pie (Jun 7, 2009)

james4beach said:


> To see if I understand, you mean people who go to another country and have picked up some kind of new SIM card while away? (With a new phone # obviously).
> 
> I frequently do this in my global travels. My solution has been to use Callcentric with a phone number that I've registered through them, which costs $2/month + a few cents per minute for each forwarded call. As you pick up new SIM cards and new phone #s, you would log into the Callcentric web site and change the forwarding number to reflect the new destination number.
> 
> ...




brilliant

could u free-lance to the big green to get them to latch onto this? 

i-am-serious. Sounds like they could use your help.


----------



## kcowan (Jul 1, 2010)

Because of US Person issues, any number not associated with Canada should not be in your permanent banking record. CIBC had me eliminate my MagicJack San Diego number from their records. Probably very conservative. BWTFDIK?


----------



## james4beach (Nov 15, 2012)

kcowan said:


> Because of US Person issues, any number not associated with Canada should not be in your permanent banking record. CIBC had me eliminate my MagicJack San Diego number from their records. Probably very conservative. BWTFDIK?


I agree, be very careful. Don't ever enter a US phone number or address anywhere in your Canadian banking profile. This can also trigger FATCA and cause the bank to export your details to the IRS. This is actually mentioned of a Govt of Canada web page.


----------



## james4beach (Nov 15, 2012)

humble_pie said:


> could u free-lance to the big green to get them to latch onto this?
> 
> i-am-serious. Sounds like they could use your help.


I'd love to do some work for TD. If anyone knows a contact there, please message me some details. I've done contract work before in security & telecom.


----------



## james4beach (Nov 15, 2012)

I can elaborate more on the Callcentric.com service and using this for international travel. There are other similar services out there, but I just ran tests with this one so I'm reporting my findings.

When a Canadian phone number is purchased through Callcentric, it will work for TD verification purposes. You can forward the number to an arbitrary destination, such as a phone # (SIM card) in any other country. Interestingly, if the destination is a US phone #, then you can also forward incoming SMS to your US phone #. This means that TD can send a text message to your *Canadian* (Callcentric) number, but the text message will show up on your US phone. If you don't have a phone at all, then the text message also shows up in a portal on Callcentric's web site. I confirmed today that this also works for receiving the TD code.

All of the above incurs extra costs, but it's certainly an option for travellers. This will let you meet the TD requirement of registering a Canadian phone #.


----------



## Spudd (Oct 11, 2011)

james4beach said:


> I can elaborate more on the Callcentric.com service and using this for international travel. There are other similar services out there, but I just ran tests with this one so I'm reporting my findings.
> 
> When a Canadian phone number is purchased through Callcentric, it will work for TD verification purposes. You can forward the number to an arbitrary destination, such as a phone # (SIM card) in any other country. Interestingly, if the destination is a US phone #, then you can also forward incoming SMS to your US phone #. This means that TD can send a text message to your *Canadian* (Callcentric) number, but the text message will show up on your US phone. If you don't have a phone at all, then the text message also shows up in a portal on Callcentric's web site. I confirmed today that this also works for receiving the TD code.
> 
> All of the above incurs extra costs, but it's certainly an option for travellers. This will let you meet the TD requirement of registering a Canadian phone #.


This can also be set up using Voip.ms, which is 85c/mo for a number. And SMS through them can also be forwarded to an email address, which can be handy. If one has wifi access but no foreign sim, and does not want to use roaming, the voip.ms solution will allow them to still retrieve the code from the SMS. Of course you can also install a voip app on your phone to answer the phone via wifi, but it's not necessary since you can get the SMS from your email.


----------



## pwm (Jan 19, 2012)

It looks like it's mandatory now. I logged in with my wife's connect ID today, and was prompted with the security setup screen. I had to go through the process to continue with the login. I tested the phone call and after entering the code, I got connected.


----------



## kcowan (Jul 1, 2010)

Happened to me yesterday logging into DWs account. I set up 2 mobiles and her email but did to test it since she was not at home. I was accessing from my usual location. Thinking of adding landlines in Canada and Mexico because when we access from MX, the sim card is not yet activated.


----------



## OnlyMyOpinion (Sep 1, 2013)

Set up now as well. 
I assume when it does require that you be sent a pin, it will ask which number you want it sent to and whether text or voice message?


----------



## humble_pie (Jun 7, 2009)

OnlyMyOpinion said:


> Set up now as well.
> I assume when it does require that you be sent a pin, it will ask which number you want it sent to and whether text or voice message?



yes, although the number transmitted is not a PIN, it's a code that will dissolve forever in a couple minutes. If client fails to enter this code on device within prescribed time period, client will need to re-start the 2-step setup.


----------



## pwm (Jan 19, 2012)

I got my first request for a security code today for both my and my wife's connect ID using the PC that I always use. I chose the least intrusive option, so they may be doing just a routine checkup. Worked OK with my landline, although I had to first, go upstairs and tell my wife there would be a phone call and to not pick up the phone. That's the only annoying part about this process.


----------



## OnlyMyOpinion (Sep 1, 2013)

Interesting. 
I'm across the country, albeit connecting to a wireless router at my sister's that I've used in the past and it didn't request verification last week when I got here. 
I'll have to login later today and see if it asks. 
Maybe it checks periodically regardless of location/IP.

Added: I set up about a month ago for cell and/or home phone and it tested out fine. Not really any hassle. But was surprised it didn't make a verification when I logged in on the other side of the country.


----------



## like_to_retire (Oct 9, 2016)

pwm said:


> I got my first request for a security code today for both my and my wife's connect ID using the PC that I always use. I chose the least intrusive option, so they may be doing just a routine checkup. Worked OK with my landline, although I had to first, go upstairs and tell my wife there would be a phone call and to not pick up the phone. That's the only annoying part about this process.


Yeah, that would be annoying. I guess they figure that most users would have a cell phone and that it would be on their person and so wouldn't be much of a hassle.

I haven't set it up yet and I haven't been challenged at login yet. I'm waiting.

ltr


----------



## humble_pie (Jun 7, 2009)

OnlyMyOpinion said:


> I'm across the country, albeit connecting to a wireless router at my sister's that I've used in the past and it didn't request verification last week when I got here.
> I'll have to login later today and see if it asks.
> Maybe it checks periodically regardless of location/IP.
> 
> Added: I set up about a month ago for cell and/or home phone and it tested out fine. Not really any hassle. But was surprised it didn't make a verification when I logged in on the other side of the country.




i think using the same device is what matters. I'm assuming you were using the same device both chez vous & chez soeur. Your experience shows that the router ID doesn't matter.

log in from home? 2-step is happy. Same device from office? it's happy. Airport? happy. Tim Horton's? happy.

outside canada 2-step might not be happy even with the same device though.


----------



## bgc_fan (Apr 5, 2009)

Strange, I've been logging in on a number of different locations/computers, but I haven't encountered the 2-step authorization process. Was there a setting that I was supposed to activate?


----------



## humble_pie (Jun 7, 2009)

bgc_fan said:


> Strange, I've been logging in on a number of different locations/computers, but I haven't encountered the 2-step authorization process. Was there a setting that I was supposed to activate?



dinna fret i'm sure they will get to you!

you can also activate the registration process yourself, in order to get this done at a time which is convenient to yourself. You'd click on your name, then security settings, then on from there. Just be sure to have your phone handy.


----------



## like_to_retire (Oct 9, 2016)

A week ago TDDI forced me to setup the 2-step authorization process and I haven't been challenged at login until today.

It was actually TD Web that challenged.

I selected mobile TEXT since my cell was sitting on the desk. The text arrived about one second after clicking the mouse. Entered the code and no problem.

ltr


----------



## humble_pie (Jun 7, 2009)

a trivial factoid for the last evening of a summer holiday weekend

some IP service providers change their server addresses regularly; some do not (i'm told that Rogers is one that does not change, for example)

i'm no expert here but evidently certain kinds of IP server address changes will bother some (not all) 2-step verification systems. When an IP provider moves its server, the 2-step perceives that the client is trying to log in from a different & unauthorized addy & it will lock down all the client's accounts until client repairs each one. Repair consists of obtaining a new code via text or phone for each account, then manually installing the code one account at a time.

the first time it happens, the lockdowns can look quite daunting. To really jolly up a holiday weekend, my particular IP provider managed to move its network not once but twice on saturday. Once in the am. Every account locked down. I repaired every account with new codes. Then around 4 pm in the afternoon, the dang thing up & moved again. Once again, a green wall of rejection on every account. I sure hope they only go in for this kind of mega-moving once or twice a year.


----------



## fatcat (Nov 11, 2009)

humble_pie said:


> a trivial factoid for the last evening of a summer holiday weekend
> 
> some IP service providers change their server addresses regularly; some do not (i'm told that Rogers is one that does not change, for example)
> 
> ...


why would they "lock down" an account ?

the security levels relate to higher levels of security (higher meaning you will be asked for codes more or less often) but the verification codes would remain in place

like i have it set to ask for a code every time i log in to td website (broker, bank, insurance) even from home ... i have 2 different phone numbers and the option to call or text on either number

how would i get locked down ?

if you have the lowest level of security, td says it will only ask you for a code when you use a different device (how they determine this i don't know except it is probably some kind of fingerprinting and ip address combo) so when you are at home you likely won't be asked for a code ... if you travel to paris they probably will ask for a code but in either case you simply give them the code which they will deliver via whatever number / text you have set up

explain what you mean by "locked down"


----------



## like_to_retire (Oct 9, 2016)

humble_pie said:


> To really jolly up a holiday weekend, my particular IP provider managed to move its network not once but twice on saturday. Once in the am. Every account locked down. I repaired every account with new codes. Then around 4 pm in the afternoon, the dang thing up & moved again. Once again, a green wall of rejection on every account. I sure hope they only go in for this kind of mega-moving once or twice a year.


hehe, this morning I see all my stocks are valued in USD, even though I have only CDN stocks.

ltr


----------



## pwm (Jan 19, 2012)

Same here. I guess that explains why the home page shows "yesterday's change" was down $33k.


----------



## like_to_retire (Oct 9, 2016)

pwm said:


> Same here. I guess that explains why the home page shows "yesterday's change" was down $33k.


I know, my "yesterday's change" value was shocking enough to get me to check my holdings. Yikes!

ltr


----------



## kcowan (Jul 1, 2010)

Two questions for pie:
1) How do you access the accounts to change the IP?
2) Do you use 2-step verification?


----------



## humble_pie (Jun 7, 2009)

kcowan said:


> Two questions for pie:
> 1) How do you access the accounts to change the IP?
> 2) Do you use 2-step verification?



morning kcowan

1) you can't change your IP addy, that's your IP service provider. In TDDI you can easily change your 2-step settings. Find these under your name tab. Look for security settings.

2) just about everyone has been forced into 2-step by now, no? it's extremely simple for parties mostly resident in canada, a bit problematic for parties travelling outside canada ... hardest of all, i imagine, for persons such as yourself who maintain residences both in canada & in a faraway country & spend a good part of each year at the foreign residence.

for clients such as yourself, the big green should have identified a troubleshooting team of resource persons with specialized expertise by now. Essentially you would belong to a kind of exotic-snowbird category. Certainly the TD has others in this category.

i'm sorry i don't know who the green gurus are when it comes to exotic 2-step verification. I could try to find out, if you like.



.


----------



## fatcat (Nov 11, 2009)

everyone should be using it ... they should really add security keys which you can use on your google account as well as a number of other accounts

https://krebsonsecurity.com/2018/07/google-security-keys-neutralized-employee-phishing/

i have one but haven't implemented yet on my google account

td would be smart to add them as it would really lock down the accounts even more than they are now

kcowan, a) how often do you access your accounts and b) is this your main account and store of wealth ... if you don't use your accounts too often and you have your life savings in there i would damn sure be using 2-step right now

pie hasn't responded but i am skeptical about the notion of a lockdown, this system is only set up to lockdown if you lose access to your phone number / text for codes 

as long as you have access to your devices that are registered with td and can receive codes the ip address should have nothing at all to do with accessing your account ... 

a possible exception would be if you are using level 1 security and then you access from a new location in which case ip addresses could come in to play but only using level 1 protection is a bad idea in the first place

if you lose your devices or can't access your phone number or receive a text that is another story ... i have 2 phones number both of which can receive text and calls


----------



## OnlyMyOpinion (Sep 1, 2013)

Just logged in (via easyweb link). No hiccups and balances look ok. Saw no notice about login or acc balance issues.


----------



## fatcat (Nov 11, 2009)

OnlyMyOpinion said:


> Just logged in (via easyweb link). No hiccups and balances look ok. Saw no notice about login or acc balance issues.


omo, there are 3 options, which did you sign for 1,2 or 3 ?


----------



## OnlyMyOpinion (Sep 1, 2013)

fatcat said:


> omo, there are 3 options, which did you sign for 1,2 or 3 ?


I've had the 'added security' enabled since mid-June at the minimal level. 
As I'd noted in #73, I wasn't required to have it send me a security code by text even when I traveled across the country, albeit with the same laptop. I haven't been required to use it at all so far.


----------



## fatcat (Nov 11, 2009)

hmmm, interesting, i have level 3 turned on ... i have 2 phones registered and get a call every time i log in to tdw or td ... which i do maybe once or twice a week ... just takes a moment and i like the extra security


----------



## kcowan (Jul 1, 2010)

fatcat said:


> everyone should be using it ... they should really add security keys which you can use on your google account as well as a number of other accounts
> 
> https://krebsonsecurity.com/2018/07/google-security-keys-neutralized-employee-phishing/
> 
> ...


I use 2FA now and I have a problem when I go to Mexico. I switch the SIM cards and it will try to send a code to my BC number just when I want to login. I want them to be smart enough to recognize the IP address and then use my Telcel number. Problem solved with a but of empathy. Or send the code to both numbers on my account. Easy peasy.

On reddit, there was a contribution to the effect that the 2FA is not hack proof. They can intercept the SMS stream. I am skeptical. I am very sensitive to these issues right now because I am using Wealthica to consolidate my holdings from 4 different providers. So far so good. And they can export to a Google Sheet for backup. Nice graphs and calculations. Just scratching the surface. I can get an instantaneous view of all my transactions up to yesterday. None of this painful once a month consolidation!

I had a problem with CIBC but got it fixed with 2 phone calls. I hope Weathica succeed!


----------



## like_to_retire (Oct 9, 2016)

TDDI solved the US denomination problem, but this morning sent my notice of monthly statement being ready to download, except they sent it multiple times. I guess once for every account.

ltr


----------



## fatcat (Nov 11, 2009)

kcowan said:


> I use 2FA now and I have a problem when I go to Mexico. I switch the SIM cards and it will try to send a code to my BC number just when I want to login. I want them to be smart enough to recognize the IP address and then use my Telcel number. Problem solved with a but of empathy. Or send the code to both numbers on my account. Easy peasy.
> 
> On reddit, there was a contribution to the effect that the 2FA is not hack proof. They can intercept the SMS stream. I am skeptical. I am very sensitive to these issues right now because I am using Wealthica to consolidate my holdings from 4 different providers. So far so good. And they can export to a Google Sheet for backup. Nice graphs and calculations. Just scratching the surface. I can get an instantaneous view of all my transactions up to yesterday. None of this painful once a month consolidation!
> 
> I had a problem with CIBC but got it fixed with 2 phone calls. I hope Weathica succeed!


if i understand you correctly you should be able to solve the problem by: logging on using a code sent to your canada phone then go to security settings and add the mexico phone number, switch the sim and then verify the number ... you will then have both numbers registered on your account and can receive a code at either number

on the sms, yes, i have been reading those stories ... i always use a phone call since it is only marginally more work to just pick up the phone and listen to a code than seeing the code on a text ... until they came out with the authenticator app, which is dead easy, i was using a phone call from google for years and it worked well and easy

scammers would still all 3 things username, password and the ability to hack the sms system in real time i believe but, as i say, it do avoid sms and the phone works fine

i do hope that td will move to a yubi / hardware key soon as that would take security to a new level, i have a key but haven't implemented in anywhere yet as my laptop doesn't have enough usb ports

i just googled wealthica and will take a look, never heard of them


----------



## like_to_retire (Oct 9, 2016)

TDDI has definitely been acting a bit strange lately.

Normally, when a preferred share is coming up on its reset date, TDDI will send a notice (unfortunately usually quite late with respect to the cutoff date for a decision). The decision involves the holder client phoning TDDI and giving direction to them with respect to conversion to a floating rate security at reset time.

Today, the first time ever, I get a phone call from TDDI asking if I was aware that the reset date was approaching and would I like to give my decision with respect to conversion. 

They never phone me, so I was a bit surprised. They said they would still be sending me the notice regarding the reset date decision, but they wanted to phone to give me the opportunity to tell them over the phone.

I would actually much rather this method, as I get older and more addle minded, I may not be aware of these decisions as they approach. Someone phoning is a nice reminder, and if I'm able to offer my decision at that time, it gets it over with.

Anyone else notice this change?

ltr


----------



## pwm (Jan 19, 2012)

like_to_retire said:


> TDDI solved the US denomination problem, but this morning sent my notice of monthly statement being ready to download, except they sent it multiple times. I guess once for every account.
> 
> ltr


Me too. I got 4 messages this morning and just now another 4.


----------



## like_to_retire (Oct 9, 2016)

I just spent a really long time trying to phone TDDI to purchase a GIC. It's usually fairly easy, but the phone system responses have changed since the last time I used the service and it kept me going in circles until I wanted to scream. The voice recognition couldn't understand what I was saying for some reason. Terrible.

I wish TDDI would allow GIC purchases online. It seems like such a simple thing.

ltr


----------



## fatcat (Nov 11, 2009)

like_to_retire said:


> I just spent a really long time trying to phone TDDI to purchase a GIC. It's usually fairly easy, but the phone system responses have changed since the last time I used the service and it kept me going in circles until I wanted to scream. The voice recognition couldn't understand what I was saying for some reason. Terrible.
> 
> I wish TDDI would allow GIC purchases online. It seems like such a simple thing.
> 
> ltr


they are working on it ... i suspect, but have no proof that they would love to automate the gic process online ... it would save them a bundle in telephone support costs

gic's would be fairly straightforward to buy online i should think ... i would love to be able to just order online


----------



## AltaRed (Jun 8, 2009)

Buying GICs online is a piece of cake at Scotia iTrade. Think that applies to BMO IL and RBC DI as well. Has to be done in business hours though as rates are only valid through that specific business day.


----------



## RBull (Jan 20, 2013)

Yes, easy at RBC DI buying GIC's during business hours. 32 different issues / yr so decent inventory last time I looked. 

It surprises me that the leader TD seems to be behind on this and on the DIY Gambits.


----------



## like_to_retire (Oct 9, 2016)

RBull said:


> ....It surprises me that the leader TD seems to be behind on this and on the DIY Gambits.


Yeah, it surprises me too, since GIC's would seem to be the simplest thing to set up to buy online, compared to bonds, or all sorts of other transactions. 

GIC's are really the last thing you have to phone into TDDI to buy, and it is certainly a pain in the butt. 

I have three GIC ladders at TDDI in my RRSP, TFSA and Non-Reg accounts, with each coming due every 6 months, so a total of 30 GIC's and I am continually having a GIC come due. What a pain doing it by phone.

I take occasion each time I phone to ask when TDDI will allow GIC purchases by phone, and the answer has always been that they're working on it.

I wonder what the problem is, because TDDI certainly has done a lot of software changes in the last few years, so it isn't like they don't have any software workers.

ltr


----------



## RBull (Jan 20, 2013)

like_to_retire said:


> Yeah, it surprises me too, since GIC's would seem to be the simplest thing to set up to buy online, compared to bonds, or all sorts of other transactions.
> 
> GIC's are really the last thing you have to phone into TDDI to buy, and it is certainly a pain in the butt.
> 
> ...


You've got a lot of calling to do! Yes, GICs are almost the exact same process as buying any type of listed bond. Sort by yr, compounding, or simply by top yielders, search, select, par value, amount, account, buy - DONE

G/L in soon getting your job done easier.


----------



## humble_pie (Jun 7, 2009)

RBull said:


> It surprises me that the leader TD seems to be behind on this and on the DIY Gambits.



in point of fact, there are only 2 brokers whose systems permit instant online gambits with 2 low-cost online commissions. Those brokers are BMO & royal bank.

all other brokers have system blockages & restrictions when it comes to instant online gambit trading. A common solution is that gambit clients have to phone to get the sell side executed. This can lead to a higher commission for the sell side.

another common solution is to use the DLRs when converting from CAD to USD. This strategy allows gambit traders to wait 2 days to journal the stock while pegging the FX rate at the time of DLR purchase. However this strategy does not work reliably when gambitter is moving from USD to CAD.

back to the TD as leader: alas the big green is never going to offer instant online gambits. It's their mainframe ISM, a workhorse system that is utilized by most brokers. ISM cannot instantlly handle a gambit pair.

.


----------



## m3s (Apr 3, 2010)

kcowan said:


> I use 2FA now and I have a problem when I go to Mexico. I switch the SIM cards and it will try to send a code to my BC number just when I want to login. I want them to be smart enough to recognize the IP address and then use my Telcel number. Problem solved with a but of empathy. Or send the code to both numbers on my account. Easy peasy.
> 
> On reddit, there was a contribution to the effect that the 2FA is not hack proof. They can intercept the SMS stream. I am skeptical. I am very sensitive to these issues right now because I am using Wealthica to consolidate my holdings from 4 different providers. So far so good. And they can export to a Google Sheet for backup. Nice graphs and calculations. Just scratching the surface. I can get an instantaneous view of all my transactions up to yesterday. None of this painful once a month consolidation!
> 
> I had a problem with CIBC but got it fixed with 2 phone calls. I hope Weathica succeed!


I'm surprised TD doesn't allow code generators for 2FA. For your wealthica account you could get the google authenticator app for 2FA

I switch sim cards often and rather than switch back I call TD and tell them to change my number every time. Heaven forbid I ever go somewhere that has wifi and not sms. SMS signals are indeed unsecure and possible to intercept in the open or hack

I have 2FA on about a dozen online accounts using google authenticator (google, reddit, amazon, fb, twitter, wealthica etc)


----------



## fatcat (Nov 11, 2009)

interesting article on the vulnerability of phones as security mechanisms

https://www.wired.com/story/phone-numbers-indentification-authentication/


----------

