Robinhood and Webull both support 2FA for login. This can help protect you from an attacker making unauthorized trades in your account.
According to this article:
https://support.tastytrade.com/support/s/solutions/articles/43000578659
tastytrade supports 2FA for certain activities:
- Changing your email address
- Changing or resetting your password
- Linking your bank account
- Initiating a withdrawal
Interestingly however, they don't support 2FA for client login.
So, if an attacker gets a hold of a victim's password, they could do the following:
- They go in and purchase far OTM 0DTE SPX options.
- The attacker is on the other side of the trade in their own account (selling those at a price lower than the default ask).
- The attacker collects the premium.
- The victim is out that money.
- Let's suppose the victim was away from the markets that day so the transaction completes.
As far as I can tell, the victim would be out that money.
What do y'all think? For those who use tastytrade, does this scenario concern you?
tastytrade : two-factor authentication (2FA)
byu/dharmatech inoptions
Posted by dharmatech
1 Comment
I have a highly complex and long random password, so I’m not worried about it being compromised. I have TOTP set up, but I don’t feel that it’s necesary for more than what they use it for. I need to give them TOTP for any money movements into/from the account, anything involving my credentials, or changing banks.
I would prefer they supported my Yubikey for that, but I feel that they’re applying it in the places it’s needed most.