Yes it's a bt scary that mint stores passwords but putting this all on mint is wrong.
For one, don't use Mint if you are concerned about their system arechetecture. Wesabe stored passwords locally and did the scraping from your client side. Unfortunately Mint killed Wesabe in the market but maybe there are similar products out there.
For two, the real fault lies with the banks. Issuing that banks simply need to move to oauth is a joke. There is nothing simple about updating and/or unifying every banks online systems. Many banks run custom software and much of this is very old (but very well tested). Making any changes is a massive undertaking that most banks have explicitly rejected doing. If it ain't broke, don't fix it.
Finally, it's strange to fear getting hacked and losing money because of a non-FDIC insured account in mint. Who is using such banks in general let alone in mint?
As a software engineer, I'm always in awe of how well mint works. They have unified a massive number of disparate services. As a end user I love the value mint provides. As a hacker, putting passwords in makes me uneasy, but I'm confident in the banking institutions I use, and Mint's security.
This security issue is the reason I stopped using Mint. The non-FDIC insured accounts are any investment accounts -- your 401k, your IRA, and wherever you store any money you'd like to be making more on than just "rolling CDs." If you're basically month-to-month with just a few extra months of living expenses, then one might not have many of these accounts. But, for many of us in the HN community, the FDIC-insured portion is significantly less than 1/10 of our assets.
For one, don't use Mint if you are concerned about their system arechetecture. Wesabe stored passwords locally and did the scraping from your client side. Unfortunately Mint killed Wesabe in the market but maybe there are similar products out there.
For two, the real fault lies with the banks. Issuing that banks simply need to move to oauth is a joke. There is nothing simple about updating and/or unifying every banks online systems. Many banks run custom software and much of this is very old (but very well tested). Making any changes is a massive undertaking that most banks have explicitly rejected doing. If it ain't broke, don't fix it.
Finally, it's strange to fear getting hacked and losing money because of a non-FDIC insured account in mint. Who is using such banks in general let alone in mint?
As a software engineer, I'm always in awe of how well mint works. They have unified a massive number of disparate services. As a end user I love the value mint provides. As a hacker, putting passwords in makes me uneasy, but I'm confident in the banking institutions I use, and Mint's security.