I've been wondering about this as more and more services are asking me to do it via this same "Plaid" service. (I don't do it. I can't use some services. Cashapp mobile didn't want to let me withdraw cash without it; I figured out a way to on cashapp desktop).

Plaid is a company/service literally built around asking people to supply their bank username and password to a third party. (who then stores them (in cleartext, right?) for continued use!) I find it pretty astonishing.

(It's also literally training users to be phished, no?)

I'd be curious to see an article about it, with some details and context.

Here's a StackExchange discussion on it, and what a nightmare it is https://security.stackexchange.com/questions/198005/is-plaid...

I see a link to a lawsuit against Plaid in that discussion, but it's from 2020.

Interestingly, this page has someone claiming it's possible to register on Plain using ACH info https://teslamotorsclub.com/tmc/threads/for-those-hesitant-t...

This method is sometimes allowed, sometimes not. I'm not certain if it's an option the client who is using Plaid sets or if it's sometimes available based on the financial institution.