# Beware Online Budget Websites



## sags (May 15, 2010)

A warning to consumers has been issued regarding online budget and financial websites, such as Mint.com.

There are privacy and information issues when a consumer provides banking information, such as account numbers and passwords to an online company.

http://www.financialpost.com/person...ability+rules+agency+warns/4487565/story.html


----------



## hypo (Aug 11, 2010)

I've always thought it was absolutely crazy to give over banking information to a 3rd party company who is providing the service to you for free. Not only would the liability issues arise if something happened (CAN/US legal issues too) but also the possibility of your financial information being sold to other parties.

You also don't have any control over their own internal security practice, and all it takes is a misconfigured server patch for someone to exploit their database and copy their entire record of all the banking information anyone who has ever used the service since its founding. It happens in the wild all the time.


----------



## LondonHomes (Dec 29, 2010)

I agree you should never give out that sort of information, especially when you don't know who you are dealing with.

Just from reading the article I could imagine organized crime getting involved in this sort of service and feeding your info directly to an identity theft operation.


----------



## HaroldCrump (Jun 10, 2009)

I don't understand why anybody would need online tools (and expose oneself to all this) simply to track your own financial information, which can be easily accomplished via a simple Excel spreadsheet.
It takes a couple of hrs. at most to set up a spreadsheet where you can plug in your account balances and it can calculate your monthly budget, net worth, your investment returns, and any other financial metric you want to track.

Then it's only a matter of copying and pasting your account balances once a month or whatever.

I'm sure these websites have many more features and appear to do more, but how much do you really need?


----------



## Sustainable PF (Nov 5, 2010)

I think these sites link to your bank and separate your deposits, debits credits etc and organize the data for you. I think ...

That being said - NO THANKS! I can figure out how to make pretty pie charts in excel myself.


----------



## the-royal-mail (Dec 11, 2009)

Very interesting thread. SPF's last comment is interesting. Could this type of website be geared towards those who know cell phones and fancy interfaces but not so good at traditional tools like excel and outlook? I'm only speculating here. I think excel is one of the most useful tools in my house. 

But these days, people are easily taken in by fancy interfaces and as so many websites want you to create user IDs and passwords, people get used to logging in. 

Heck, an org I deal with the other day sent me a letter, to ask me to sign up and create an account and answer umpteen security questions, all so I could "verify" my account information. I have no doubt the letter came from a legitimate source, but the existence of this type of request is harmful in that it teaches people this is normal and to be less vigilant for when a real phising attempt hits their inbox. Anyway.

Not everything has to be online, folks. Certain stuff should be kept offline.


----------



## CanadianCapitalist (Mar 31, 2009)

Or if you don't like building your own Excel tracker, Microsoft Money Sunset edition is free to download and use. You can keep everything on your own computer instead of some third party server. 

Do you guys feel the same way about online tax preparation websites? I never used one because I'm worried about security. For the same reason, I avoid online budget websites as well.


----------



## kcowan (Jul 1, 2010)

CanadianCapitalist said:


> Do you guys feel the same way about online tax preparation websites? I never used one because I'm worried about security. For the same reason, I avoid online budget websites as well.


I have used Uile online since 2007. It uses https so it is as secure as my online banking access. I got into it because I leave my PC in my southern residence and wanted full access when I got home. I prepare and submit my taxes down south but I am back home when the assessment comes through. After three years, I am confident with the service.

But I agree with financial aggregation sites being an unnecessary service. I don't even give my broker access to my bank account. When I transfer money to them, it is a bill payment into my bank account. When it comes time to transfer the money out, I deposit a cheque.


----------



## brad (May 22, 2009)

This also brings up the issue of the safety of secure online backups.

I back up my Quicken file religiously, but an on-site backup is useless if your house burns down or if a thief enters you home and steals both your computer and your backup disk. So I always keep an offsite backup as a precaution.

I used to give an encrypted backup disk or CD to a friend to store at their home or office, but that gets cumbersome after awhile and is subject to many of the same security concerns.

So now I use an online backup service; I store my password-protected Quicken backups there as well as copies of important receipts and statements. I've got all of this protected by a strong password, but still there's always a risk that someone could hack into my account and get at my data.

I don't see any good workable solution. A safety deposit box is impractical, as I back up my files nearly every day and don't have time to go to my bank every day to exchange my backup disks. Online storage is really the only solution if you want to back up your files regularly offsite, but I worry about the risk of hacking.


----------



## bigcajunman (Mar 25, 2011)

*Back Ups Important*

I agree with the posting person who said backups are important, but more important is RESTORing the data from the backup. I have had "back up files" file more than once, so if you are doing any kind of back up system (internal or external), make sure you test restoring your data at least once, or you might end up with a rude surprise.

I like the concept of off site backups, but I still worry about security and privacy issues with those as well (which sort of makes the whole On Line Budgeting site argument circular, my apologies).


----------



## financialnoob (Feb 26, 2011)

Timely post since we were just trying to set up a budget for the first time. These types of sites seem like a really, really bad idea.

It's all about convenience, but would you really give your banking info to a stranger to manage your money? That's essentially what this is.

There are some offline solutions that can be purchased or some free ones as well. Most can either import data from your bank site (you can download the transactions to a Quicken file or similar) and then import from the file so you get almost all the convenience without having to connect your bank account directly.


----------



## kcowan (Jul 1, 2010)

What I do is pass all our money through three credit cards, and wash it through 2 checking accounts. This gives me a total reconciliation each month. All via downloads from their respective sites (2 TD account sites plus Visa, MC and Amex). I adjust for any transfer in from our investment accounts because we are retired but that is usually once a month at most.

It is a bit of a pain once a month but then I am in total control. I backup my Excel spreadsheet after each monthly update in 2 places.


----------



## Xoron (Jun 22, 2010)

*Truecrypt on an external USB drive.*



bigcajunman said:


> I like the concept of off site backups, but I still worry about security and privacy issues with those as well (which sort of makes the whole On Line Budgeting site argument circular, my apologies).


I use a free product call truecrypt to encrypt my data.

My backup consists of two external hard drives. One at home, one at work. Were you to look at the drive, it would contain one big file called backups, which is an encrypted container containing all of my important files. 

On my home computer, the drive is connected with USB ( Drive Y: ) and using truecrypt, I mount the encrypted container as drive X:. I backup to drive X:

Every month or two swap the drive at home for the one at work and start again. As long as the drive is encrypted, I have no problem leaving it at work. If it gets stolen, then I'm out $100, but none of my data is exposed, and the hassle factor is minimal.


----------

