Today: 2 July 2026
Schwab Orders Select Clients to Reset Logins, Joining Fidelity’s Credential‑Sharing Crackdown — Pontera Says Fidelity ‘Stands Alone’
11 November 2025
4 mins read

Schwab Orders Select Clients to Reset Logins, Joining Fidelity’s Credential‑Sharing Crackdown — Pontera Says Fidelity ‘Stands Alone’

Published: November 11, 2025

Key points

  • Charles Schwab has asked a subset of clients to reset their usernames/passwords after detecting third‑party credential sharing tied to data vendors. The firm frames the move as a client‑security step.
  • The change lands amid a broader industry fight over “credential sharing” and screen‑scraping access to 401(k)s and other “held‑away” accounts. Fidelity moved first to restrict such access in 2024 and stepped up enforcement this fall. Fidelity Newsroom
  • Fintech Pontera, which enables outside advisors to manage employer plans, says Fidelity “stands alone” in locking out clients and has escalated its public pressure campaign. Fidelity disputes Pontera’s claims and points to data‑security risks. InvestmentNews

What happened

On Monday, Nov. 10, Charles Schwab began requiring some clients to reset their login credentials. According to coverage from ThinkAdvisor and Citywire, the reset notices went to customers who had shared their Schwab usernames and passwords with third‑party data vendors; Schwab says the change is part of its security processes.

InvestmentNews reports the step follows Fidelity’s earlier enforcement moves limiting third‑party access to customer accounts, particularly for employer retirement plans, and places Schwab alongside its rival in cracking down on credential sharing.

Schwab’s own terms warn clients not to share credentials with anyone, including third‑party providers, adding that the company’s Security Guarantee won’t apply if clients do so. That policy context helps explain why customers who had shared logins were prompted to update them.


Why this matters: the 401(k) “held‑away assets” fight

The core tension is how RIAs and fintechs connect to accounts held at large providers. Many tools still rely on clients’ raw credentials (and sometimes screen scraping), a practice custodians argue exposes excessive data and security risk. In 2024 Fidelity announced it would “prevent platforms reliant on credential sharing from accessing and taking action in customer accounts,” framing the change as a client‑protection move to reduce data exposure. Fidelity Newsroom

Coverage this fall in 401(k) Specialist and other outlets highlighted how Fidelity’s enforcement affected advisors managing held‑away assets and intensified calls to shift to API‑based connections with plan‑sponsor oversight.


Pontera escalates: ‘Fidelity stands alone’ vs. ‘security first’

Pontera has led the pushback. In an open letter last month, CEO Yoav Zurel accused Fidelity of locking out “tens of thousands” of customers who work with outside fiduciary advisors. InvestmentNews reports that after Schwab’s reset notices surfaced, Pontera reiterated that “Fidelity stands alone” in outright lockouts. Fidelity rejects the characterization and has emphasized that its approach is about cybersecurity and reducing data exposure. Pontera

Consumer‑facing explainers have also documented friction for some Fidelity participants as the firm tightened policies; Fidelity told NerdWallet the measures aim to address credential sharing while offering guidance for affected customers.


What Schwab is telling clients — and what advisors are saying

Schwab indicated that some clients granted third‑party data vendors access in ways that could conflict with the firm’s security policies, prompting required credential updates. That aligns with longstanding Schwab notices that sharing logins can negate certain protections under its Security Guarantee.

Industry voices quoted by InvestmentNews argue that screen‑scraping tools often hoover up more information than necessary and break frequently, strengthening the case for direct APIs. Others note that custodians must enforce plan‑sponsor rules and data‑protection obligations, even when it frustrates advisor workflows.

Separate analysis last month also underscored the compliance and auditability risks advisors may run when managing held‑away assets through credential‑sharing intermediaries rather than approved channels.


What clients can do now

  • Review and disconnect third‑party access you don’t need. Schwab provides a security‑settings page where clients can see which services are linked and remove them.
  • Update your password and login ID. If you received a reset notice—or simply haven’t changed credentials in a while—Schwab’s guidance details strong‑password rules and how to update.
  • Turn on two‑factor authentication. Enabling verification codes (and using a hardware or mobile token where available) reduces takeover risk.
  • Understand the Security Guarantee. Schwab explicitly warns that sharing your login with any third party can void the guarantee; if a tool needs access, ask whether there’s an approved, read‑only, API‑based alternative.

What RIAs should do next

  • Audit fintech connections. Identify systems that rely on raw credentials or scraping and map them to approved, API‑based integrations where possible. Expect more custodians to follow Fidelity and Schwab in curbing credential sharing.
  • Document client consent and plan‑sponsor oversight. Several advisors warn that the compliance burden is rising for held‑away accounts; be ready to evidence controls and data‑minimization.
  • Proactively communicate. Reset prompts can unsettle clients. Explain the security rationale, how access may change, and alternatives for ongoing advice on 401(k)s.

Timeline: how we got here

  • Sept. 13, 2024 — Fidelity announces it will prevent credential‑sharing platforms from accessing and taking action in customer accounts to enhance security.
  • Oct. 10, 2025 — Pontera publishes an open letter alleging Fidelity is locking out many customers who work with outside advisors.
  • Oct. 15, 2025 — Industry coverage details the escalating Fidelity‑Pontera dispute and the underlying security debate.
  • Nov. 10, 2025 — Schwab asks certain clients who shared credentials with third‑party vendors to reset logins; the firm cites data security.
  • Nov. 10, 2025 — InvestmentNews reports Pontera’s fresh criticism that “Fidelity stands alone,” while experts urge a shift from scraping to APIs. InvestmentNews

Bottom line

Schwab’s targeted reset requirement doesn’t mirror Fidelity’s policy step‑for‑step, but it signals the same direction of travel: credential sharing and screen scraping are on borrowed time. Expect more enforcement, more client prompts, and continued pressure on advisors and fintechs to use sanctioned, least‑privilege API connections—with plan‑sponsor oversight where required. For investors, the practical takeaway is straightforward: review who can see your accounts, stop sharing passwords, and turn on strong authentication.


Sources: InvestmentNews, ThinkAdvisor, Citywire Pro Buyer, Fidelity newsroom, Pontera, and Schwab client‑security documentation.

Disclosure: This article is for information only and does not constitute investment, legal, or cybersecurity advice.

Marcin Frąckiewicz is the founder and CEO of TS2 Space, a satellite communications company serving customers around the world. A graduate of the Warsaw School of Economics (SGH), he has more than two decades of experience in telecommunications, satellite services and technology ventures. He writes about satellite communications, space technology, artificial intelligence and the stock market, with a particular focus on technology companies, semiconductors, emerging industries and the trends shaping global innovation.

Stock Market Today

  • Keel Infrastructure (KEEL) Jumps 432.7% in a Year, Lofty Valuation Draws Skepticism
    July 2, 2026, 1:31 AM EDT. Keel Infrastructure (NasdaqGM:KEEL) has soared 432.7% over the past year as investors flock to its AI and high-performance computing data center story. The stock now trades at a price-to-sales ratio of 14.9x, much higher than the software industry average of 3.5x. That's expensive. Simply Wall St's Fair Ratio model pegs a fair P/S for Keel around 0.8x, raising red flags about a big premium thanks to continued losses and tough targets. Even with Keel landing in the Russell 3000 index, its valuation score sits at zero out of six. The score questions if current prices actually match the AI potential or if expectations have run too far. Investors are betting on big growth but face tight balance sheet risks.
IonQ (INBX) Stock Soars on Quantum Breakthrough and $2B Deal – Bubble or Next Big Thing?
Previous Story

IonQ Q3 2025 Earnings (Nov. 5): Revenue Soars 222% to $39.9M, Full‑Year Outlook Raised; Here’s What It Means for IONQ Stock

Schwab Orders Select Clients to Reset Logins, Joining Fidelity’s Credential‑Sharing Crackdown — Pontera Says Fidelity ‘Stands Alone’
Next Story

How to Buy SpaceX Stock in 2025: Latest Valuation, IPO Signals and Who Really Owns the Shares (Updated 14 November 2025)

Go toTop