NexusFi: Find Your Edge


Home Menu

 





Ninja Trader Security


Discussion in NinjaTrader

Updated
      Top Posters
    1. looks_one AnyM with 6 posts (0 thanks)
    2. looks_two Big Mike with 2 posts (0 thanks)
    3. looks_3 Market Monkey with 2 posts (0 thanks)
    4. looks_4 cory with 1 posts (0 thanks)
    1. trending_up 5,072 views
    2. thumb_up 1 thanks given
    3. group 4 followers
    1. forum 15 posts
    2. attach_file 0 attachments




 
Search this Thread

Ninja Trader Security

  #11 (permalink)
 
DavidHP's Avatar
 DavidHP 
Isla Mujeres, MX
Legendary Market Wizard
 
Experience: Advanced
Platform: NinjaTrader
Broker: Ninjatrader / Optimus Futures / AmpFutures
Trading: ES / 6E / 6B / CL
Frequency: Every few days
Duration: Minutes
Posts: 1,606 since Aug 2009
Thanks Given: 11,327
Thanks Received: 2,736


Market Monkey View Post
Couldn't agree more. I found your post by googling "Ninja Trader Security"...they have NOTHING by way of security...it's a real concern. Coming from IB, I'm used to using electronic tokens to verify me as the user after already submitting my password. Anyone with the same name as you could easily have a wire sent from your account as that's the only security measure they have. Crazy.

I don't think it is that easy.
If you contact Dorman or Ninja and for a wire transfer they only accept checks or wire transfers TO and FROM the bank account listed on your application.

To change that information you will need to verify your identity in several ways.

Over the years I've had many wire transfers in and out and each time they must originate from my 'listed' bank account and they will only send transfers to my 'listed' accounts. Maybe you have a different experience but this is how it has worked for me.

The login for NT and/or Windows is only a safeguard.
Anyone with access to your computer (either locally or remotely) can easily crack the hash of your password.
If you allow a skilled person to sit at your computer with it off and not logged into Windows, they can access your PC and Windows in less than 60 seconds without knowing your password.

Locks and/or passwords are only to keep the honest people out.

Rejoice in the Thunderstorms of Life . . .
Knowing it's not about Clouds or Wind. . .
But Learning to Dance in the Rain ! ! !
Follow me on Twitter Reply With Quote

Can you help answer these questions
from other members on NexusFi?
My NT8 Volume Profile Split by Asian/Euro/Open
NinjaTrader
ZombieSqueeze
Platforms and Indicators
Request for MACD with option to use different MAs for fa …
NinjaTrader
NexusFi Journal Challenge - April 2024
Feedback and Announcements
 
Best Threads (Most Thanked)
in the last 7 days on NexusFi
Retail Trading As An Industry
58 thanks
Battlestations: Show us your trading desks!
55 thanks
NexusFi site changelog and issues/problem reporting
48 thanks
What percentage per day is possible? [Poll]
31 thanks
GFIs1 1 DAX trade per day journal
29 thanks

  #12 (permalink)
Market Monkey
Pesaro,Italy
 
Posts: 8 since Sep 2011
Thanks Given: 9
Thanks Received: 5


DavidHP View Post
I don't think it is that easy.
If you contact Dorman or Ninja and for a wire transfer they only accept checks or wire transfers TO and FROM the bank account listed on your application.

To change that information you will need to verify your identity in several ways.

Over the years I've had many wire transfers in and out and each time they must originate from my 'listed' bank account and they will only send transfers to my 'listed' accounts. Maybe you have a different experience but this is how it has worked for me.

The login for NT and/or Windows is only a safeguard.
Anyone with access to your computer (either locally or remotely) can easily crack the hash of your password.
If you allow a skilled person to sit at your computer with it off and not logged into Windows, they can access your PC and Windows in less than 60 seconds without knowing your password.

Locks and/or passwords are only to keep the honest people out.

Thanks for the info regarding the listed accounts. I've just opened my account so have yet to request a wire out of it.

My concern is, how easy is it to "list" an account? I've been told that no credentials are necessary to initiate a withdrawal...maybe it's different in practice...granted, it's unlikely that anyone will have your exact name and surname AND know that you have an account with NT, but seems a bit careless, especially for people with large sums of money in their account.

As far as the password is concerned, I agree. Just a password wouldn't be sufficient. That's why I mentioned the "electronic tokens" that give you a random 6-8 digit number to type in in addition to the password as an extra layer of security.

Most bank accounts have this "one time password" addition- either by SMS or the aforementioned token. I don't see why NT brokerage doesn't have it as they are keeping your money in a bank as well.

Reply With Quote
  #13 (permalink)
 timefreedom 
Indianapolis, IN USA
 
Experience: Advanced
Platform: Ninjatrader TOS Custom
Broker: Several
Trading: ES CL ZB
Posts: 374 since Dec 2009
Thanks Given: 226
Thanks Received: 381



Market Monkey View Post
Couldn't agree more. I found your post by googling "Ninja Trader Security"...they have NOTHING by way of security...it's a real concern. Coming from IB, I'm used to using electronic tokens to verify me as the user after already submitting my password. Anyone with the same name as you could easily have a wire sent from your account as that's the only security measure they have. Crazy.

Perhaps Ray, @NinjaTrader or someone from @NinjaTraderBrokerage will address this, along with the fact that their online withdrawal page, including first name, last name, brokerage account number, bank name, bank account number, routing number, etc. is not even on a security certificate protected page. I realize the majority of clients never actually "withdraw" funds - but it's a serious problem that can be easily (and quickly) fixed. Thanks.

Reply With Quote
The following user says Thank You to timefreedom for this post:
  #14 (permalink)
 
NinjaTrader's Avatar
 NinjaTrader  NinjaTrader is an official Site Sponsor
Site Sponsor

Web: NinjaTrader
AMA: Ask Me Anything
Webinars: NinjaTrader Webinars
Elite offer: Click here
 
Posts: 1,713 since May 2010
Thanks Given: 203
Thanks Received: 2,686


timefreedom View Post
Perhaps Ray, @NinjaTrader or someone from @NinjaTraderBrokerage will address this, along with the fact that their online withdrawal page, including first name, last name, brokerage account number, bank name, bank account number, routing number, etc. is not even on a security certificate protected page. I realize the majority of clients never actually "withdraw" funds - but it's a serious problem that can be easily (and quickly) fixed. Thanks.

Thanks for asking me to comment:

As per DavidHP post #11, there are safeguards to ensure that wires and checks are sent only to the originating funding source. We did some work on our brokerage site and as an oversight; HTTPS was not forced on the withdrawal page. This has since been remedied.

Cyber security is an important item and an area that NinjaTrader is investing on in the future. One major project is to build a client portal that will allow our clients to manage various aspects of their account. We anticipate starting this in the coming months.

Follow me on Twitter Reply With Quote
  #15 (permalink)
 
learning0101's Avatar
 learning0101 
Houston, Texas
 
Experience: Intermediate
Platform: NinjaTrader,TOS,Etrade,St
Broker: NT:( tos,etrade,CS
Trading: stocks,options,futures,forex
Frequency: Never
Duration: Never
Posts: 287 since Aug 2011
Thanks Given: 3,613
Thanks Received: 222

Hi back to original thread starters request.
Hi @AnyM here is quick link to google results for ways to PW protect any .exe
https://www.google.com/webhp?sourceid=chrome-instant&ion=1&espv=2&ie=UTF-8#q=password%20protect%20exe

Reply With Quote
  #16 (permalink)
 AnyM 
Bangkok, Thailand
 
Experience: None
Platform: Ninjatrader 8
Broker: NT Continuum TastyWorks
Trading: ES
Posts: 65 since Jun 2013
Thanks Given: 2
Thanks Received: 33


learning0101 View Post
Hi back to original thread starters request.
Hi @AnyM here is quick link to google results for ways to PW protect any .exe
https://www.google.com/webhp?sourceid=chrome-instant&ion=1&espv=2&ie=UTF-8#q=password%20protect%20exe

Thanks. The work around for me is that I save my login and password details for Continuum with Robo Form. Before I log out I delete my password and use robo form to fill it out again when I log back in.

Started this thread Reply With Quote





Last Updated on January 24, 2015


© 2024 NexusFi™, s.a., All Rights Reserved.
Av Ricardo J. Alfaro, Century Tower, Panama City, Panama, Ph: +507 833-9432 (Panama and Intl), +1 888-312-3001 (USA and Canada)
All information is for educational use only and is not investment advice. There is a substantial risk of loss in trading commodity futures, stocks, options and foreign exchange products. Past performance is not indicative of future results.
About Us - Contact Us - Site Rules, Acceptable Use, and Terms and Conditions - Privacy Policy - Downloads - Top
no new posts