Fidelity: Protecting Your Life's Savings
Fidelity accounts often hold the largest concentration of an individual's wealth, including 401ks, IRAs, and primary brokerage accounts. Unlike a checking account where a few hundred dollars might be at risk, a Fidelity compromise can result in the loss of decades of retirement savings. Because these accounts are "high value," they attract sophisticated attackers who use targeted social engineering and credential stuffing.
1. Hardening Your Fidelity Account
Symantec VIP: Moving Beyond SMS
Fidelity is one of the few major financial institutions that supports Symantec VIP, a hardware-like software authenticator. This is significantly more secure than SMS-based MFA because the codes are generated locally on your device and cannot be intercepted via SIM swapping. Action: Download the Symantec VIP app and link it to your Fidelity account under "Security Center." Once enabled, disable SMS as a 2FA option.
Money Transfer Lockdown (MTL)
This is Fidelity’s "Secret Weapon" for security. Money Transfer Lockdown allows you to "lock" your accounts, which prevents any electronic transfers (ACH, Wire, or Journal) from leaving your account. The Strategy: Keep your accounts locked 100% of the time. If you need to move money, you manually log in, unlock the account, perform the transfer, and then re-lock it. Even if an attacker has your password and your MFA, they cannot move your money while it is locked.
Action: Enable MTL in the Fidelity Security Center.
Fidelity MyVoice (Biometrics)
Fidelity offers a voice-biometrics system that identifies you based on your unique vocal patterns when you call their customer service. Why it matters: Attackers often try to "socially engineer" phone representatives. MyVoice makes it nearly impossible for an attacker to impersonate you over the phone, even if they have your SSN and account number.
2. Failsafe Recovery Preparation
Trusted Contact Persons
Fidelity allows you to designate a "Trusted Contact Person." This person cannot trade or move money in your account, but they are someone Fidelity can contact if they suspect you are a victim of fraud or if they cannot reach you. Action: Add a family member or trusted professional as your contact.
Physical Document Storage
In a total digital lockout, you may need to provide Fidelity with physical, notarized documents to regain access. Preparation: Keep a physical folder that includes your Fidelity account numbers, your primary advisor's contact information, and a copy of your most recent statement. This will be invaluable if you need to prove your ownership in a "Manual Recovery" scenario.
3. Protecting Your 401k (NetBenefits)
If your employer uses Fidelity for your 401k, you access it via NetBenefits.
- The Linked Account Risk: NetBenefits accounts are often linked to your personal Fidelity brokerage. Ensure both have the same high level of MFA.
- Review Beneficiaries: Security isn't just about hackers; it's about ensuring your assets go where you intend. Review your 401k beneficiaries annually.
For more information on the underlying principles, see our articles on MFA Fundamentals and Password Security.
Why This Matters
The Importance of MFA
Multi-Factor Authentication (MFA) is your strongest defense against account takeover. Even if a physical or digital attacker obtains your password, MFA provides a critical second layer of defense that is much harder to bypass. Learn more about MFA best practices.
Unique, Strong Passwords
Never reuse passwords across different services. If one service is breached, every other account using that same password becomes vulnerable to "credential stuffing" attacks. Every online service should have its own unique, long, and complex password managed by a reputable password manager. Learn why unique passwords are critical.