I just got on the phone that CornerTrader is working on 2-Factor-Authentification, and the want to release it within the next 3 months. If they do, I’ll probably open my account there.
no public WiFi ever, no exception. Including ‘just’ mobile use, get local SIM/network.
2factor auth, no SMS, but authenticator based.
secondary email for financial products, separate from ‘normal’ email
never use sms for 2FA, avoid services with sms only auth.
secure one main account (IB). Treat secondaries (bank acc) as dumb and with little value (<10k)
I don’t do yet/atm
separate own user with 2FA for actual trading for same account. Secondary user for normal usage. No withdrawal rights and other limitations. Account owner user for reporting and withdrawal operations, granting rights. Separate auth device which is secure.
bank/broker sub-account separate with different users - holding vs trading account
bank safe with hard copy details (not auth tokens) in case of death
I am not doing this yet, but I am considering buying a second phone that I keep in a secure location with all 2FA / banking apps (for accounts with significant amounts) installed. Not only because of cybersecurity, but also because of physical security: If someone points a gun at your head (might not be a huge risk in Switzerland, but definitely when travelling, as this happens regularly in other countries) you have your “bait accounts” with little money in them. For all of the accounts with larger amounts, there is no trace on your main phone, so no way for an attacker to even know that you have them.
Besides the mentioned hidden SSID, I consider home wifi secure. I use a second SSID which is broadcast but use for guests. With a limited access (internet only, separate vlan, etc) and rate limited. Also same wifi for devices you dont trust (much) - nintendo switch, hoover robot with maps stored in china, wifes phone /s on the last one
I use a Keepass with a separate database only for Banking. This is database is only kept locally and can be opened only with a keyfile (on USB stick) and password. The database and keyfile are not stores on my cell phone. If I need to setup 2FA with an App, like with IBKR, I type in the huge password by hand. Then I activate the finger print. But I will not have trading access on my phone. With IBKR, you would need to enter the password again for that
I thought about this, too. But would you not be interested if some hacker found out your password? You would get a push message from the mobile app. If you have the phone turned off, you’ll not realize, until you turn it on.
I use Bitwarden to store my accounts and passwords. I obviously use different passwords for my different accounts, as well as a “master” password for Bitwarden which is also unique.
I activate 2FA on all applications if available.
I only use one phone, but I’ve activated the erasure of all data on it if the password is entered 10 times wrong. I’ve also activated the latest anti-theft measure available since the iOS 17.3 update.
By reading and partipating to this forum, you confirm you have read and agree with the disclaimer presented on http://www.mustachianpost.com/
En lisant et participant à ce forum, tu confirmes avoir lu et être d'accord avec l'avis de dégagement de responsabilité présenté sur http://www.mustachianpost.com/fr/
Durch das Lesen und die Teilnahme an diesem Forum bestätigst du, dass du den auf http://www.mustachianpost.com/de/ dargestellten Haftungsausschluss gelesen hast und damit einverstanden bist.
/s on the last one 
