
Multi-Factor Authentication in Mint - OrwellianChild
https://mint.lc.intuit.com/announcements/1286158
======
OrwellianChild
I don't understand the security layers between Mint users, Mint, users' bank
accounts, and banks very well... It seems like Mint has to store users' bank
authentication information unencrypted in order to be able to log in as a bot
on the users' behalf... If this is the case, how does multi-factor help
security on the Mint <-> Bank layer?

Is this actually an improvement to security? Or is this theater? Mint seems
like a large target because of all the logins it holds, but if they hold
credentials in the clear anyway, I'm not sure how multi-factor protects
against a attack against Mint...

Any insights?

