I am generally in favor of STP and am anxiously awaiting its availability for my (non-advisor) account. However, I will have to agree that if momentary pinkouts and/or control-alt-R require re-entry of STP info, then it may impact my opinion tremendously. I don't run into the problem as much as others whose posts I've seen, but it happens more than once a week (pink out or a confused quote situation requiring ctrl-alt-R) even on a pretty stable home connection, and of course much more from airport waiting areas/taxis, etc. via EVDO.
Here is an example of a USB device which should do the job nicely: http://www.rsa.com/products/securid/datasheets/SID6200_DS_0606.pdf
Good as a credential store, but much less secure for OTP because a trojan can surreptitiously read from the device. Similarly, SecurID time-based systems are less secure than the SecureComputing challenge/response system IB uses because you have potentially a one minute replay attack interval. From this perspective, though I hate having to enter the challenge, I like it more than the time-based tokens. It is true that a trojan can still take control via API -- but this can be strengthened over time by encrypting the channel and requiring a shared secret as part of the API set-up. (Not sure if DDE can do this, but the socket API can definitely add this.) Then the sole vulnerability is attacking the client classes and/or TWS code. Though these can be signed, so you'd need to compromise the JRE. Yea, security is a game of higher & higher fences.
Hopefully the Advisor accounts are IB's guinea pig/beta testers. If enough advisor accounts report the pink outs/reconnects issue, then maybe IB will fix the issue before further rollout.
I would have preferred the time-based tokens. With a bit of coding and state maintenance at IB's end you could ensure that time-based tokens could be played only once. It seems IB went for an approach that wouldn't require too much coding; the current implementation seems to be a standalone module. However, they are going to have to come up with something more integrated into TWS to get over the pink outs not requiring a new challenge issue.
We are making a change so customers will not be required to re-authenticate on disconnect/reconnects. API customers concerned about the STP's impact on their trading should direct their questions to our help desk, or you can PM me.
Sal, Please keep us all in the loop on any other changes you make or plan to make. Remember that the quantity of complaints will be inversely proportional to the quantity of information we receive -- if we don't know what is going on or what the rules are, we bitch about it (OK sometimes we bitch anyway, but a lot less). Are there any other instances where we'd get a challenge prompt again after we log in (other than closing down TWS)? Will the overnight server disconnect trigger a challenge again? SSB
SSB, The overnight restart would cause a new STP authentication. This is the only time IB forces you to log out and soon will be the only time a new STP authentication is required. Sal
Very good news. Thank you. This allows me to return to my previous view that the security device is a good thing.