Today: 8 January 2026
Subscribe
Schwab Orders Select Clients to Reset Logins, Joining Fidelity’s Credential‑Sharing Crackdown — Pontera Says Fidelity ‘Stands Alone’
·

Schwab Orders Select Clients to Reset Logins, Joining Fidelity’s Credential‑Sharing Crackdown — Pontera Says Fidelity ‘Stands Alone’

by
11 November 2025

Published: November 11, 2025

Key points

  • Charles Schwab has asked a subset of clients to reset their usernames/passwords after detecting third‑party credential sharing tied to data vendors. The firm frames the move as a client‑security step. ThinkAdvisor
  • The change lands amid a broader industry fight over “credential sharing” and screen‑scraping access to 401(k)s and other “held‑away” accounts. Fidelity moved first to restrict such access in 2024 and stepped up enforcement this fall. Fidelity Newsroom
  • Fintech Pontera, which enables outside advisors to manage employer plans, says Fidelity “stands alone” in locking out clients and has escalated its public pressure campaign. Fidelity disputes Pontera’s claims and points to data‑security risks. InvestmentNews

What happened

On Monday, Nov. 10, Charles Schwab began requiring some clients to reset their login credentials. According to coverage from ThinkAdvisor and Citywire, the reset notices went to customers who had shared their Schwab usernames and passwords with third‑party data vendors; Schwab says the change is part of its security processes. ThinkAdvisor

InvestmentNews reports the step follows Fidelity’s earlier enforcement moves limiting third‑party access to customer accounts, particularly for employer retirement plans, and places Schwab alongside its rival in cracking down on credential sharing. InvestmentNews

Schwab’s own terms warn clients not to share credentials with anyone, including third‑party providers, adding that the company’s Security Guarantee won’t apply if clients do so. That policy context helps explain why customers who had shared logins were prompted to update them. Schwab Brokerage

Why this matters: the 401(k) “held‑away assets” fight

The core tension is how RIAs and fintechs connect to accounts held at large providers. Many tools still rely on clients’ raw credentials (and sometimes screen scraping), a practice custodians argue exposes excessive data and security risk. In 2024 Fidelity announced it would “prevent platforms reliant on credential sharing from accessing and taking action in customer accounts,” framing the change as a client‑protection move to reduce data exposure. Fidelity Newsroom

Coverage this fall in 401(k) Specialist and other outlets highlighted how Fidelity’s enforcement affected advisors managing held‑away assets and intensified calls to shift to API‑based connections with plan‑sponsor oversight. 401k Specialist Magazine

Pontera escalates: ‘Fidelity stands alone’ vs. ‘security first’

Pontera has led the pushback. In an open letter last month, CEO Yoav Zurel accused Fidelity of locking out “tens of thousands” of customers who work with outside fiduciary advisors. InvestmentNews reports that after Schwab’s reset notices surfaced, Pontera reiterated that “Fidelity stands alone” in outright lockouts. Fidelity rejects the characterization and has emphasized that its approach is about cybersecurity and reducing data exposure. Pontera

Consumer‑facing explainers have also documented friction for some Fidelity participants as the firm tightened policies; Fidelity told NerdWallet the measures aim to address credential sharing while offering guidance for affected customers. NerdWallet UK

What Schwab is telling clients — and what advisors are saying

Schwab indicated that some clients granted third‑party data vendors access in ways that could conflict with the firm’s security policies, prompting required credential updates. That aligns with longstanding Schwab notices that sharing logins can negate certain protections under its Security Guarantee. InvestmentNews

Industry voices quoted by InvestmentNews argue that screen‑scraping tools often hoover up more information than necessary and break frequently, strengthening the case for direct APIs. Others note that custodians must enforce plan‑sponsor rules and data‑protection obligations, even when it frustrates advisor workflows. InvestmentNews

Separate analysis last month also underscored the compliance and auditability risks advisors may run when managing held‑away assets through credential‑sharing intermediaries rather than approved channels. InvestmentNews

What clients can do now

  • Review and disconnect third‑party access you don’t need. Schwab provides a security‑settings page where clients can see which services are linked and remove them. Schwab Brokerage
  • Update your password and login ID. If you received a reset notice—or simply haven’t changed credentials in a while—Schwab’s guidance details strong‑password rules and how to update. Schwab Brokerage
  • Turn on two‑factor authentication. Enabling verification codes (and using a hardware or mobile token where available) reduces takeover risk. Schwab Brokerage
  • Understand the Security Guarantee. Schwab explicitly warns that sharing your login with any third party can void the guarantee; if a tool needs access, ask whether there’s an approved, read‑only, API‑based alternative. Schwab Brokerage

What RIAs should do next

  • Audit fintech connections. Identify systems that rely on raw credentials or scraping and map them to approved, API‑based integrations where possible. Expect more custodians to follow Fidelity and Schwab in curbing credential sharing. InvestmentNews
  • Document client consent and plan‑sponsor oversight. Several advisors warn that the compliance burden is rising for held‑away accounts; be ready to evidence controls and data‑minimization. InvestmentNews
  • Proactively communicate. Reset prompts can unsettle clients. Explain the security rationale, how access may change, and alternatives for ongoing advice on 401(k)s. InvestmentNews

Timeline: how we got here

  • Sept. 13, 2024 — Fidelity announces it will prevent credential‑sharing platforms from accessing and taking action in customer accounts to enhance security. Fidelity Newsroom
  • Oct. 10, 2025 — Pontera publishes an open letter alleging Fidelity is locking out many customers who work with outside advisors. Pontera
  • Oct. 15, 2025 — Industry coverage details the escalating Fidelity‑Pontera dispute and the underlying security debate. 401k Specialist Magazine
  • Nov. 10, 2025 — Schwab asks certain clients who shared credentials with third‑party vendors to reset logins; the firm cites data security. ThinkAdvisor
  • Nov. 10, 2025 — InvestmentNews reports Pontera’s fresh criticism that “Fidelity stands alone,” while experts urge a shift from scraping to APIs. InvestmentNews

Bottom line

Schwab’s targeted reset requirement doesn’t mirror Fidelity’s policy step‑for‑step, but it signals the same direction of travel: credential sharing and screen scraping are on borrowed time. Expect more enforcement, more client prompts, and continued pressure on advisors and fintechs to use sanctioned, least‑privilege API connections—with plan‑sponsor oversight where required. For investors, the practical takeaway is straightforward: review who can see your accounts, stop sharing passwords, and turn on strong authentication. InvestmentNews

Sources: InvestmentNews, ThinkAdvisor, Citywire Pro Buyer, Fidelity newsroom, Pontera, and Schwab client‑security documentation. 401k Specialist Magazine

Disclosure: This article is for information only and does not constitute investment, legal, or cybersecurity advice.

Fidelity vs Vanguard vs Schwab: My Take Having Used All 3 for 20+ Years
Watch this video on YouTube.
Marcin Frąckiewicz Latest posts

CEO of TS2 Space and founder of TS2.tech. Expert in satellites, telecommunications, and emerging technologies, covering trends in space, AI, and connectivity.

  1. APLD stock slips premarket after Applied Digital’s Q2 results, AI data-center buildout in focus
  2. Intel stock jumps 6% in premarket as CES “Panther Lake” chips put Jan. 22 earnings in focus
  3. Chevron stock slips before the open on Venezuela license talks — what investors watch next
  4. Meta stock slips premarket as China opens probe into Manus AI acquisition

Stock Market Today

  • AI market heads into 2026 with spending strength, but valuations still in focus
    January 8, 2026, 7:27 AM EST. As this year begins, early-cycle AI spending hints at resilience into 2026 even as investors weigh valuations. The piece distinguishes AI spending from stock prices; not every AI name is in a bubble. Early-cycle players Comfort Systems (FIX) and Teradyne (TER) show continued demand. Comfort's backlog rose 15.5% in Q3; CEO Brian Lane says demand remains robust. Teradyne posted strong Q3 results, with SOC solutions fueling AI-related growth and guidance for about a 25% sequential rise in Q4. The takeaway: AI spending looks durable, but investors should beware overinvesting in a crowded space. Industry voices, including Asit Sharma, frame AI as a generational opportunity, favoring quality leaders with solid cash flow and proven wins.
Constellation Software (CSU.TO) Stock Plunges on Founder’s Exit – Analysts See 58% Upside
Previous Story

CSU Stock Today (Nov 10, 2025): Constellation Software Hits New 52‑Week Low as BMO Trims Target; Q3 Revenue +16% and $1 Dividend Reaffirmed

Hong Kong Stocks Close Slightly Higher as Tech Hype Cools; XPeng Soars on AI Buzz — Hang Seng Ends at 26,696 (Nov 11, 2025)
Next Story

Hong Kong Stocks Close Slightly Higher as Tech Hype Cools; XPeng Soars on AI Buzz — Hang Seng Ends at 26,696 (Nov 11, 2025)

Go toTop