I would like to state some concerning experiences I noticed when opening an account.
- Not able to disable MCX segment.
I am not interested in currency/commodity. When opening the account, you guys give a toggle to disable them, but then don’t allow me to proceed without enabling them. What is this forced account creation for those segments? Why give a toggle if I can’t disable it?
- Account opening form
You guys send an account opening form. In the email, it says “Kindly note, for security reasons your eSigned Account Opening Form is Password Protected”
The email also conveniently contains the password itself, because the PAN number is included in the filename.
What security practices are these?
- Account password
Also, when opening account, I noticed that password can only be under 12 characters. This is a bad password policy, discouraging people who use password managers to generate long passwords.
I moved to Dhan just today because of annoying experiences with Zerodha. However, such bad security practices are very worrying, especially since they indicate the lack of seriousness with which security is handled in Dhan.
Just a concerned new user, hope you take the criticism and work on changing these practices
1 Like
Give Dhan a spin and you are never going anywhere else. Quotes load faster and trade execution just might be the fastest anywhere you have seen.
Charts load in milliseconds and you can just rapid scroll your way through the watchlist on TV terminal.
1 Like
Hi @vishaln Welcome to Dhan and also to MadeForTrade community.
Thanks for sharing your feedback with us. We will evaluate if we can make changes, additionally please note that the account opening process at brokers are regularly audited by authorities from time to time and anything that isn’t right get corrected.
Notes to your specific comments:
a. Yes, we have accounts where users need to register on all exchanges, post account creation users have option to disable any segment they want. So you can do that for Currency and Commodity.
b. Feedback noted, will check. This is the first time we have got feedback on this, however these emails are delivered to your registered email address (not outside) which follow its own authentication protocols.
c. 12 characters is a lot for passwords. Usually 90% of passwords globally are under 12 characters and over 80% are typically 8-10 characters.
While these are fair feedback from user, these feedback isn’t related with security practices at all. There are far more comprehensive security practices that are followed and mandated by regulators.
1 Like
I meant it is like sending a locker with it’s key attached outside the locker
Thanks for noting the feedback