site banner

Small-Scale Question Sunday for October 27, 2024

Do you have a dumb question that you're kind of embarrassed to ask in the main thread? Is there something you're just not sure about?

This is your opportunity to ask questions. No question too simple or too silly.

Culture war topics are accepted, and proposals for a better intro post are appreciated.

2
Jump in the discussion.

No email address required.

This is where I’m not so sure. Current iterations as far as I can tell generally use “Oauth” which again is a bit of a black box but from what I can tell you’re logging into your bank and giving plaid an access token, which I think can be configured to be read only. Although more black box. In practice, plaid doesn’t have your password generally (although maybe for some banks as your link discusses.) what it can do with that token (is it read only?) is even read only bad enough? Etc. is up for debate.

The last time I was faced with a plaid page, they wanted me to enter my password in a plaid page, rather than my bank's page. Perhaps this has changed, but there's simply no way that I'd trust plaid not to retain my password in some regarded way.