Mint and Personal Capital are both services that can link to your online accounts to track your spending and net worth. To accomplish this, you must provide Mint and Personal Capital the username and password to your bank accounts.
Some Banks Will Tell You You're Liable for Fraud
Some banks will state in their online services agreement that you are liable for fraudulent transactions on your account if you reveal your username and password to a third party. For example, Chase says
If you disclose your Card numbers, account numbers, PINs, User IDs, and/or Passwords to any person(s) or entity, you assume all risks and losses associated with such disclosure. If you permit any other person(s) or entity, including any data aggregation service providers, to use the Online Service or to access or use your Card numbers, account numbers, PINs, User IDs, Passwords, or other means to access your accounts, you are responsible for any transactions and activities performed from your accounts and for any use of your personal and account information by such person(s) or entity.
Federal Reserve Regulations Say These Banks are Wrong
Federal Reserve regulation E prevents banks from increasing consumers' liability for fraudulent transactions even in the case of consumer negligence.
- Consumer negligence. Negligence by the consumer cannot be used as the basis for imposing greater liability than is permissible under Regulation E. Thus, consumer behavior that may constitute negligence under state law, such as writing the PIN on a debit card or on a piece of paper kept with the card, does not affect the consumer's liability for unauthorized transfers. (However, refer to comment 2(m)-2 regarding termination of the authority of given by the consumer to another person.)
Any institution can write whatever they want into their terms of service, but it doesn't mean it's actually enforceable.