Skip to content

Instantly share code, notes, and snippets.

@souleiman

souleiman/Fidelity2FA.md

Created June 3, 2021 17:47
Show Gist options
  • Save souleiman/15f19ae0fa174b989b590dbd386bf32a to your computer and use it in GitHub Desktop.
Save souleiman/15f19ae0fa174b989b590dbd386bf32a to your computer and use it in GitHub Desktop.
Download ZIP
[Guide] How to setup 2FA on Fidelity without Symantec VIP Access
Raw
Fidelity2FA.md

Before I start, I am going to mention that Fidelity does support a 2FA by using Symantec VIP Access to accomplish this. You can follow the instructions here https://www.fidelity.com/security/soft-tokens/overview. This requires you to install an app from Symantec VIP on your computer/phone.

With that out of the way, I am personally not a fan of using Symantec products, nor interested in install a separate third party app to accomplish this when most of us, including myself use some form of OTP/2FA app like Google Authenticator, Authy, 1Password, or what have you.

If you share the same sentiment as I, don't worry I have good news.

Symantec VIP Access actually uses a completely open standard called Time-based One-time Password Algorithm for generating the 6-digit codes that it outputs. The only non-standard part is the provisioning protocol used to create a new token.

In other words, this means that we can use OTP on our favorite app. The question is how do we do that. There's two ways to grab this information, there's a FOSS (Free and Open Source Software) that will help us generate the OTP code that we need. python-vipaccess will help us generate the Symantec VIP Access id and secret that we can use to import to our OTP app.

However, I understand that most of us are not familiar with command-line interface and python. However, if you are. You are most likely welcome to follow the instructions to generate the 2FA code and it's straightforward. I will be sharing another method that utilizes the python-vipaccess software from your browser. If you choose to do the python approach, you can skip to step 2.

I should note that I am in no way or form affiliated with python-vipaccess or the website that makes this easy. All credits goes to them.

  1. You can generate the credentials needed by visiting https://puvox.software/tools/symantec-vip-qr-code. You can simply fill out the textbox, you can call it whatever you want. Once you do that press enter and it will automatically generate you a name, secret, QR Code, and the full_path. I would recommend you to copy these information and save them. If you are using a smartphone, you can go ahead and open your favorite OTP app and scan the QR code. I know 1Password on Desktop supports scanning your screen. Otherwise, you can use the full_path to generate your OTP code.
  2. Before moving on to the next step, make sure that your OTP is producing a 6 digit number. This is what it looks like in 1Password for me. https://imgur.com/y6Vzq0p
  3. At this point, you have completed step 1 from this instruction page. Now you need to call up Fidelity using the number on step 2. Tell them you would like to setup 2FA (If you already have it setup with Symantec VIP, you probably want to ask them to remove the old one.) Provide them the name that we generated from the page earlier or id if you used the python approach. It should be SYMCXXXXXXXX.
  4. Once you have provided the representative with that information. Do not hang up! Confirm that you can access your account. Once you have logged in, you should be greeted with a page like this https://imgur.com/DByu4zt.
  5. Enter the 6 digit code from your OTP app and viola, you should be logged in.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment