[GNC] [GNC-dev] USAA FSB requires newer QWIN support
John Ralls
jralls at ceridwen.us
Sun Feb 14 23:55:11 EST 2021
What flavor of Quicken did you use?
Regards,
John Ralls
> On Feb 14, 2021, at 6:19 PM, Keith Bellairs <keith at bellairs.org> wrote:
>
> My USAA checking and credit card seem to be working. My users/00000.conf is using this client UID: I got it from quicken's OFXlog.txt file.
>
> char clientUid="39E0E763-4E1E-4918-9528-D6EBAC94EF5D"
>
> Notably when the online action in GNC challenges for the account password the required response is now the "Access PIN". No longer the web site account password. Yet another password to track.
>
> I cannot believe its working again. Thanks everyone.
>
> Keith
>
> _________________
>
> Date: Sun, 14 Feb 2021 11:12:26 -0800
> From: John Ralls <jralls at ceridwen.us>
> To: Randy Johnson <rsjdev314 at gmail.com>
> Cc: gnucash-devel at gnucash.org, gnucash-user at gnucash.org
> Subject: Re: [GNC] [GNC-dev] USAA FSB requires newer QWIN support
> Message-ID: <CB5E6F20-A9A6-4493-89E9-9451B4826DB1 at ceridwen.us>
> Content-Type: text/plain; charset=us-ascii
>
> Well, there's a UUID in that URL, but I just tried using it for the ClientUUID and got "The user cannot signon because he or she entered an invalid user ID or password." Using the one scraped from Quicken for MacOS and reported in https://lists.gnucash.org/pipermail/gnucash-devel/2021-February/045690.html works.
>
> That leads me to believe that USAA is using the ClientUUID as an API key. Quicken may have registered one or many. I think the only way to find that out is for more users to set up MITMs with different versions of Quicken and retrieve the ClientUUIDs for comparison.
>
> This makes me a bit leery of publishing it on the wiki, because if Quicken or USAA catch on that it's been compromised they might change it and lock us out again.
>
> Regards,
> John Ralls
>
More information about the gnucash-user
mailing list