Today: 12 June 2026
Schwab Orders Select Clients to Reset Logins, Joining Fidelity’s Credential‑Sharing Crackdown — Pontera Says Fidelity ‘Stands Alone’
11 November 2025
·
4 mins read

Schwab Orders Select Clients to Reset Logins, Joining Fidelity’s Credential‑Sharing Crackdown — Pontera Says Fidelity ‘Stands Alone’

by

Published: November 11, 2025

Key points

  • Charles Schwab has asked a subset of clients to reset their usernames/passwords after detecting third‑party credential sharing tied to data vendors. The firm frames the move as a client‑security step.
  • The change lands amid a broader industry fight over “credential sharing” and screen‑scraping access to 401(k)s and other “held‑away” accounts. Fidelity moved first to restrict such access in 2024 and stepped up enforcement this fall. Fidelity Newsroom
  • Fintech Pontera, which enables outside advisors to manage employer plans, says Fidelity “stands alone” in locking out clients and has escalated its public pressure campaign. Fidelity disputes Pontera’s claims and points to data‑security risks. InvestmentNews

What happened

On Monday, Nov. 10, Charles Schwab began requiring some clients to reset their login credentials. According to coverage from ThinkAdvisor and Citywire, the reset notices went to customers who had shared their Schwab usernames and passwords with third‑party data vendors; Schwab says the change is part of its security processes.

InvestmentNews reports the step follows Fidelity’s earlier enforcement moves limiting third‑party access to customer accounts, particularly for employer retirement plans, and places Schwab alongside its rival in cracking down on credential sharing.

Schwab’s own terms warn clients not to share credentials with anyone, including third‑party providers, adding that the company’s Security Guarantee won’t apply if clients do so. That policy context helps explain why customers who had shared logins were prompted to update them.

Why this matters: the 401(k) “held‑away assets” fight

The core tension is how RIAs and fintechs connect to accounts held at large providers. Many tools still rely on clients’ raw credentials (and sometimes screen scraping), a practice custodians argue exposes excessive data and security risk. In 2024 Fidelity announced it would “prevent platforms reliant on credential sharing from accessing and taking action in customer accounts,” framing the change as a client‑protection move to reduce data exposure. Fidelity Newsroom

Coverage this fall in 401(k) Specialist and other outlets highlighted how Fidelity’s enforcement affected advisors managing held‑away assets and intensified calls to shift to API‑based connections with plan‑sponsor oversight.

Pontera escalates: ‘Fidelity stands alone’ vs. ‘security first’

Pontera has led the pushback. In an open letter last month, CEO Yoav Zurel accused Fidelity of locking out “tens of thousands” of customers who work with outside fiduciary advisors. InvestmentNews reports that after Schwab’s reset notices surfaced, Pontera reiterated that “Fidelity stands alone” in outright lockouts. Fidelity rejects the characterization and has emphasized that its approach is about cybersecurity and reducing data exposure. Pontera

Consumer‑facing explainers have also documented friction for some Fidelity participants as the firm tightened policies; Fidelity told NerdWallet the measures aim to address credential sharing while offering guidance for affected customers.

What Schwab is telling clients — and what advisors are saying

Schwab indicated that some clients granted third‑party data vendors access in ways that could conflict with the firm’s security policies, prompting required credential updates. That aligns with longstanding Schwab notices that sharing logins can negate certain protections under its Security Guarantee.

Industry voices quoted by InvestmentNews argue that screen‑scraping tools often hoover up more information than necessary and break frequently, strengthening the case for direct APIs. Others note that custodians must enforce plan‑sponsor rules and data‑protection obligations, even when it frustrates advisor workflows.

Separate analysis last month also underscored the compliance and auditability risks advisors may run when managing held‑away assets through credential‑sharing intermediaries rather than approved channels.

What clients can do now

  • Review and disconnect third‑party access you don’t need. Schwab provides a security‑settings page where clients can see which services are linked and remove them.
  • Update your password and login ID. If you received a reset notice—or simply haven’t changed credentials in a while—Schwab’s guidance details strong‑password rules and how to update.
  • Turn on two‑factor authentication. Enabling verification codes (and using a hardware or mobile token where available) reduces takeover risk.
  • Understand the Security Guarantee. Schwab explicitly warns that sharing your login with any third party can void the guarantee; if a tool needs access, ask whether there’s an approved, read‑only, API‑based alternative.

What RIAs should do next

  • Audit fintech connections. Identify systems that rely on raw credentials or scraping and map them to approved, API‑based integrations where possible. Expect more custodians to follow Fidelity and Schwab in curbing credential sharing.
  • Document client consent and plan‑sponsor oversight. Several advisors warn that the compliance burden is rising for held‑away accounts; be ready to evidence controls and data‑minimization.
  • Proactively communicate. Reset prompts can unsettle clients. Explain the security rationale, how access may change, and alternatives for ongoing advice on 401(k)s.

Timeline: how we got here

  • Sept. 13, 2024 — Fidelity announces it will prevent credential‑sharing platforms from accessing and taking action in customer accounts to enhance security.
  • Oct. 10, 2025 — Pontera publishes an open letter alleging Fidelity is locking out many customers who work with outside advisors.
  • Oct. 15, 2025 — Industry coverage details the escalating Fidelity‑Pontera dispute and the underlying security debate.
  • Nov. 10, 2025 — Schwab asks certain clients who shared credentials with third‑party vendors to reset logins; the firm cites data security.
  • Nov. 10, 2025 — InvestmentNews reports Pontera’s fresh criticism that “Fidelity stands alone,” while experts urge a shift from scraping to APIs. InvestmentNews

Bottom line

Schwab’s targeted reset requirement doesn’t mirror Fidelity’s policy step‑for‑step, but it signals the same direction of travel: credential sharing and screen scraping are on borrowed time. Expect more enforcement, more client prompts, and continued pressure on advisors and fintechs to use sanctioned, least‑privilege API connections—with plan‑sponsor oversight where required. For investors, the practical takeaway is straightforward: review who can see your accounts, stop sharing passwords, and turn on strong authentication.

Sources: InvestmentNews, ThinkAdvisor, Citywire Pro Buyer, Fidelity newsroom, Pontera, and Schwab client‑security documentation.

Disclosure: This article is for information only and does not constitute investment, legal, or cybersecurity advice.

Marcin Frąckiewicz Latest posts

CEO of TS2 Space and founder of TS2.tech. Expert in satellites, telecommunications, and emerging technologies, covering trends in space, AI, and connectivity.

  1. US Stock Market Today: Live Updates 12.06.2026
  2. Moderna Gains Almost 8% With Nasdaq Recovery; Cancer Vaccine Pipeline Still a Key Focus
  3. Itaú Unibanco Rises After Announcing R$3 Billion Tier 1 Capital Plan
  4. Navan surges after guidance hike brings AI travel platform to fore

Stock Market Today

  • South Korean Stocks Rebound with Kospi Ending Volatile Week Firm
    June 12, 2026, 4:17 AM EDT. South Korean stocks rebounded as the Kospi index closed the week on a strong note despite volatility. The Kospi, a key benchmark for the South Korean stock market, showed resilience amid fluctuating investor sentiment. Market participants reacted to recent economic data and global financial developments, contributing to the fluctuating trading patterns. Analysts noted the recovery highlights the market's adaptability to ongoing uncertainties in global and domestic economic conditions. Kospi's firm close signals cautious optimism among investors looking for stability in a turbulent week for Asian equities.

Latest articles

Wall Street Feels the Heat (and Thrill): Fed Cuts, Tariffs & Mega-Mergers Set NYSE Buzz

US Stock Market Today: Live Updates 12.06.2026

12 June 2026
Elon Musk is set to become the world’s first trillionaire after SpaceX’s Nasdaq IPO launches with a $1.77 trillion valuation, boosting his wealth to over $1 trillion and marking a new era in wealth concentration as his fortune surpasses 3% of U.S. GDP.
AI Names Drop, Oil Upends Inflation Bets, US Stocks Slip

Dow up 930 points after hours as tech lifts Nasdaq

12 June 2026
Dow soars 929.97 points for its strongest session in months as easing geopolitical risk and a rebound in tech drive ETFs higher after hours; chip stocks surge with the PHLX Semiconductor Index up 7.9%, while Adobe drops 5.44% after CFO exit despite raised forecasts.
SpaceX launches 29 Starlink satellites from Florida; targets another 28 from Vandenberg today (Nov. 6, 2025)
Previous Story

SpaceX Launches 29 Starlink Satellites on Falcon 9, Breaking Florida’s Annual Launch Record — Nov. 11, 2025

Sky on Fire Tonight: Giant ‘Solar Canyon’ Aims 800‑km/s Wind at Earth—Northern Lights Could Ignite 15 U.S. States & Test Global Tech
Next Story

NOAA Issues G4 ‘Severe’ Geomagnetic Storm Watch for Nov. 12 After X5.1 Solar Flare — Northern Lights Possible as Far South as Indiana Tonight (Nov. 11)

Go toTop