At Guideline, keeping your account secure is a high priority. That’s why we’ve implemented security features to help prevent unauthorized access to your information.
Here are several security protocols Guideline uses to keep your account safe.
Account verification when logging in
When you claim your Guideline account or log in, you may be asked to verify your email by clicking a link or providing a 6-digit code that has been sent to your registered email. You will also be asked to verify a code when logging in if you enabled two-factor authentication (2FA) using SMS or an authenticator app.
Periodic password updates
When logging in, we may occasionally ask you to update your password to a new, unique password you haven’t used before. We do this to ensure users have strong passwords on their Guideline account.
It’s not unusual for attackers to attempt to gain access to online accounts using credentials that have been compromised in security breaches of other password protected sites around the web (this is called “credential stuffing”).
For this reason, using a unique and strong password for each of your online accounts, as well as implementing 2FA to require a second form of verification that only you have access to is increasingly important.
Why you might receive a verification code when not trying to log in
If you received a verification code but are not actively trying to log in, it may be due to a financial management app, such as Wealthfront, Quicken, or NerdWallet, that you have connected to your Guideline account. When a financial app attempts to update a user’s Guideline information, they may trigger verification requests via email, SMS, or an authenticator application.
To prevent this situation, we suggest you utilize a system-generated password rather than provide third-party apps your actual password. System-generated passwords provide an additional layer of security by limiting third-party access to basic information, such as balances and transaction history.
To generate a unique password to provide to your financial applications, log into your Guideline dashboard and navigate to the Financial app access page. Then, disconnect your Guideline account from the third-party provider and reconnect it with the generated password instead.
If you haven’t connected any financial services to your Guideline account and you receive an unexpected verification code, we recommend you reset your password as soon as possible as this may indicate someone is trying to access your account fraudulently.