12

My understanding is that websites are typically recommended to store only hashes of passwords, using a one-way cryptographic hash function. This way, there is no way to retrieve the passwords even if somebody hacks the database.[1]

On the other hand, the financial management website Mint requires you to enter your bank login information. Presumably they use this to access the banking information, so they would have to store the password in a way that can be retrieved. Yet most reviews that I read consider Mint safe.[2] How can it be safe while adhering to a less secure practice of storing bank passwords than a typical website?

[1] For example, see Why is 3DES not used to store passwords?

[2] For example: Is Mint Ready for Your Money?.

user69715
    I know nothing of Mint, but can Mint access your bank account when you're not logged in? If not, they might be encrypted using a key derived from your password, which they don't know (they only know the hash). Also, the bank themselves might grant an authentication token to Mint so they don't have to store your actual credentials. – thexacre May 30 '14 at 06:59
  • Please read more broadly: https://security.stackexchange.com/questions/10820/could-mint-com-be-more-secure-and-if-so-how/15197#15197 – this.josh May 31 '14 at 08:06

1 Answer

26

We don't really use the concept "X is safe" in Information Security, because it is not nuanced enough. Instead, we have "X has a level of risk that Y will accept".

In order for Mint to work, they need to have your banking passwords so that they can log onto your bank and pretend that they are you. So they need to store them, and this adds risk.

(They can do all sorts of things to protect those passwords. They can use multi-layer encryption. They can have good physical security at their data centre. They can pentest themselves daily. See https://www.mint.com/how-it-works/security/security-technology/ for a list. However, hashing your credentials is one thing they can't do; they're pretending to be you, and you don't hash your banking passwords, so they can't.)

Using Mint, then, increases risk. You must work out if that increased level of risk is acceptable to you. If it is not, then you have to take action to decrease the risk, which is pretty much going to mean not using Mint.

Graham Hill
    I wish more people understood the basic concept of risk. Nicely put, you can never have zero risk, just more or less. – this.josh May 31 '14 at 08:08
  • Are there any recent updates on Mint's side to enhance security for bank credentials? Like token-based access etc. instead of storing the real username/password, which is a risk for sure. – Dev G Jan 09 '19 at 15:05
  • @Dev G - Considering it took most banks years to even support 2FA (and some major banks still don't), I wouldn't hold your breath. – Joe the Coder Apr 21 '19 at 23:09
  • Where in Mint are your passwords stored (your phone, or Mint's servers)? – RonJohn Jan 04 '20 at 08:30
  • @RonJohn passwords are stored at Mint datacenters. – Shinebayar G Dec 24 '21 at 03:07
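To make the contrast in the question and answer concrete, here is an added illustration (not code from the question, the answer or Mint): the first half is what a typical site stores, a one-way scrypt hash that can only be verified; the second half is what an aggregator must store, the bank password itself, sealed under a key derived from the user's own master password as thexacre's comment suggests. It uses only the Python standard library, so a constructed HMAC-SHA256 keystream with an HMAC tag stands in for the AES-GCM a real system would use.

```python
import hashlib
import hmac
import os
from typing import Optional, Tuple

SCRYPT = dict(n=2**14, r=8, p=1)  # work factor; fits the stdlib default memory limit

# --- What a typical website stores: a one-way hash. It can verify a password
# --- but can never hand the original back, even to the site's own operators.
def hash_password(password: str) -> bytes:
    salt = os.urandom(16)
    digest = hashlib.scrypt(password.encode(), salt=salt, dklen=32, **SCRYPT)
    return salt + digest

def verify_password(password: str, stored: bytes) -> bool:
    salt, digest = stored[:16], stored[16:]
    candidate = hashlib.scrypt(password.encode(), salt=salt, dklen=32, **SCRYPT)
    return hmac.compare_digest(candidate, digest)

# --- What an aggregator must store: the bank password, reversibly. Here the
# --- keys come from the user's master password, so the service can only open
# --- the record while the user is logged in and supplying that password.
def _derive_keys(master_password: str, salt: bytes) -> Tuple[bytes, bytes]:
    km = hashlib.scrypt(master_password.encode(), salt=salt, dklen=64, **SCRYPT)
    return km[:32], km[32:]  # encryption key, MAC key

def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    # Constructed stand-in for a real cipher: HMAC-SHA256 in counter mode.
    out = b""
    for counter in range((length + 31) // 32):
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
    return out[:length]

def seal_credential(master_password: str, bank_password: str) -> bytes:
    salt, nonce = os.urandom(16), os.urandom(16)
    k_enc, k_mac = _derive_keys(master_password, salt)
    pt = bank_password.encode()
    ct = bytes(a ^ b for a, b in zip(pt, _keystream(k_enc, nonce, len(pt))))
    tag = hmac.new(k_mac, nonce + ct, hashlib.sha256).digest()  # encrypt-then-MAC
    return salt + nonce + tag + ct

def open_credential(master_password: str, blob: bytes) -> Optional[str]:
    salt, nonce, tag, ct = blob[:16], blob[16:32], blob[32:64], blob[64:]
    k_enc, k_mac = _derive_keys(master_password, salt)
    expected = hmac.new(k_mac, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):
        return None  # wrong master password or tampered record
    return bytes(a ^ b for a, b in zip(ct, _keystream(k_enc, nonce, len(ct)))).decode()
```

The limitation is the one the answer turns on: nothing in the second half can be opened while the user is logged out, so a service that must poll the bank unattended needs a key it holds itself, and that key, not a hash, is what an attacker who breaches the database goes after.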