Moneybox 2FA

Hi

Apologies if this has been asked before but given the large sums people are depositing in the Moneybox LISA, I wanted to verify how secure the account is. I was surprised that they seem to allow people to reset the password using an email and then verify a new device with the same email address. That means if someone were to get access to my email, they could reset my password and log in on a new device. That doesn’t sound like 2 factor authentication to me. Any thoughts on this ?

Regards
Andy

Comments

  • Miser1964
    Miser1964 Posts: 283 Forumite
    100 Posts First Anniversary Photogenic Name Dropper
    edited 23 June 2023 at 8:07PM
    It's one of the weakest forms of 2FA, for exactly the reason you set out. 
  • cerebus
    cerebus Posts: 677 Forumite
    500 Posts Name Dropper
    Have you got 2FA set up on your email account , that will make it more secure 
  • I would hope that they don’t rely on clients having 2FA on email accounts. Really they should use a text to a mobile or use an Authenticator app whenever a new device is added given the levels of investment here. 
  • cerebus
    cerebus Posts: 677 Forumite
    500 Posts Name Dropper
    Agreed , all you can do is vote with your feet and tell them why 
Meet your Ambassadors

🚀 Getting Started

Hi new member!

Our Getting Started Guide will help you get the most out of the Forum

Categories

  • All Categories
  • 350.2K Banking & Borrowing
  • 252.8K Reduce Debt & Boost Income
  • 453.1K Spending & Discounts
  • 243.1K Work, Benefits & Business
  • 597.5K Mortgages, Homes & Bills
  • 176.5K Life & Family
  • 256.1K Travel & Transport
  • 1.5M Hobbies & Leisure
  • 16.1K Discuss & Feedback
  • 37.6K Read-Only Boards

Is this how you want to be seen?

We see you are using a default avatar. It takes only a few seconds to pick a picture.