Secure User Login

Did You Know...

Did you know that your payments can be set up for automatic withdrawal from your checking or savings account each month? Go to the Payment Options tab and eliminate writing checks each month.

Save Time and Money

Use Online Banking to manage your personal finances. Available to you 24 hours a day, 7 days a week from any internet connection, your banking is always at your fingertips. In addition, because we secure your account with one of the best encryption technologies available, you'll feel safe doing all of these things and more. And best of all it's FREE! Get started today.

Site Help

To use the Mortgage Center website, you must have the following:

  • One of the following Internet browsers:
    • Internet Explorer versions 9, 10, or 11
    • Mozilla Firefox version 16
    • Safari – version 6
    • iPad running iOS6 - Safari
    • Android 4.04/Ice Cream Sandwich - Android Browser 18
  • Ad blocking browser extensions/software disabled
  • Acrobat® Reader versions 8.0 or 9.0
  • A valid and active email account Mortgage Loan Account number with Mortgage Center
  • Social Security Number and Property Zip Code

Once you have all of the above, you are ready to logon to register yourself on the Mortgage Center website and manage your Mortgage loan account.

Creating your Account

Enrolling for access:

Click “Enroll Now”

Accept Terms:

  • Read through Terms and Conditions agreement
    • Make and confirm selection 

      User Profile:

  • Enter following information
    • First Name
    • Middle Initial (not required)
    • Last Name
    • Account Number (if multiple loans, only use one)
    • Mailing Address Zip Code
    • Social Security Number (all 9 digits)

Click “Continue”

Create User Id and Password:

  • Create user id:
    • Must be 5-20 characters
    • Contain alpha and/or numeric characters
  • Create new password & confirm new password
    • Must be at least 8 characters
    • Contain lowercase alpha character
    • Contain uppercase alpha character
    • Contain numeric character
    • Cannot contain user id
  • Enter and confirm email address

    Click “Next”

    Select Security Image:

  • Select a security image to verify when logging in

    Click “Next”

  • Type in Security Image Name to include with verification process

    Click “Next”

  • Set Security Questions
    • Select a question from each set (total of 4)
    • Answer and confirm answer for each question
      • Answers are case sensitive
      • Click on “Show Answers” box to see what is being typed
      • Same answer cannot be used for all questions

        Click “Next" 

  • Verify Details

    Look over all information provided and verify (Clicking “Show Answer” box will only populate answers to security questions)

    Click “Submit”

  • Finish
    • Message indicating registration was successful and that an email was sent to the email address registered with the enrollment to activate account
  • In email inbox look for an email from Mortgage Servicing with the subject line “User Account Created”
  • To activate account, click on the link in the email
Logging On
You can logon to Mortgage Center website using your provided User ID and Password.In the Secured Account Login panel (left sidebar of the Mortgage Center website),If you do not have a User ID and Password, you will need to register yourself on the Mortgage Center website.For more information on how to register on the Mortgage Center website, see Creating your Account.

Click Log in to complete the login process.
Recover User ID
To recover your user id, click User ID in the Forgot User ID or Password link. The Recover User ID page displays.

Follow these steps to recover your User ID:
  1. Enter your registered Email. This is the same email address that you specified while registering at the Mortgage Center website.
  2. From the Security Question drop-down menu, choose the security question you had opted for while registering yourself at the Mortgage Center website.
  3. In the Security Question Answer field, enter the answer you selected for your security questions while registering yourself on the Mortgage Center website. The information that you enter here must match the options you selected while registering yourself on the Mortgage Center website.
  4. In the Enter Code Shown field, please enter the letters as they appear in the dynamically generated image. This helps prevent automated programs from abusing this service. If the letters are not readable, click the (rotating arrows) icon to request for an alternate dynamically generated image.
  5. Click Recover to submit your request.
  6. Log in to your registered email Inbox and look for an email with the subject line as “User ID Recovery." Open this email and click the Click Here link to view your User ID. Click OK to go to the Mortgage Center website homepage.
NOTE:The Recover User ID link is active only for 24 hours. If you fail to click this link within 24 hours, you shall have to restart the Recover User ID process.
Recover Password
The Mortgage Center website allows you to recover your password, if you have forgotten or misplaced it.To recover your password, go to the Mortgage Center Login page.

Click Password in the Forgot User id or Password link.The Recover Password page displays.In the Reset Password page:

  1. Enter User ID that you selected while registering yourself on the Mortgage Center website.

  2. From the Security Question drop-down menu, choose the security question that you had selected while registering on the Mortgage Center website.

  3. In the Security Question Answer field, enter the answer you selected for your security questions while registering yourself on the Mortgage Center website. The information that you enter here must match the options you selected while registering yourself on the Mortgage Center website.

  4. In the Enter Code Shown field, please enter the letters as they appear in the dynamically generated image. This helps prevent automated programs from abusing this service. If the letters are not readable, click the (rotating arrows) icon to request for an alternate dynamically generated image.

  5. Click Recover. If the information that you enter is validated by the Mortgage Center database, a reset password link is sent to your registered email id.

  6. Log in to your registered email Inbox and look for an email with the subject line as “Account Password - Reset." Open this email and click the Reset Your Password link to be redirected to the Mortgage Center Website page, where you are asked to enter and confirm a new password. The Reset Password link is active only for 24 hours. If you fail to click this link within the stipulated time, you shall have to request to reset password.
Changing your Password

Mortgage Center understands the threats that malicious hackers and automated programs pose to the personal and highly sensitive financial information that its customers have stored in the databases. 

To thwart any malicious attacks,Mortgage Center has embedded the latest security technologies to ensure your privacy and financial information is not compromised. As a customer you too can take a few precautions to further enhance your security.

As a customer you too can take few precautions to further enhance security of your data. To change your password:

  1. Log in the Mortgage Center website, and click Manage Profile link at the top right-hand corner of the page and choose Change Password.The Change Password dialog box displays.

  2. In the Change Password  dialog box:

    a) Enter 
    Current Password.

    b) Enter New Password.

    c) Re-enter password in Confirm Password field.

  3. Click Change to change the password.On successful change of password, you will be automatically logged out and returned to the homepage for security reasons.

Tips for Choosing Strong Passwords

The following guidelines should help you in choosing a strong password:
  • Avoid passwords that are based on personal information such as birthday, marriage anniversary and so forth.
  • Don't use words that can be found in any dictionary of any language.
  • Ensure that the password is between eight and ten characters in length and it contains at least one each of the following:

    Mandatory– One Upper case, One Number, One Special Character Allowed

    Special Character– Any of these à@#$%^&+

  • Change passwords frequently and remember it.
Security Policy

Mortgage Center values your trust, and we understand that handling your financial information with care is our most important responsibility. So, only those who provide the products or services you might need are authorized to have access to your financial information.

Our Security Policy: We operate under a detailed, rigorous information security policy designed to protect the security and confidentiality of your information. The Information Security Program is subject to ongoing regulatory oversight and examination.

How Does Browser Security Work?
Recent versions of most internet browsers support the encrypted transmission of on-line documents and the data you enter on a web page. This means that instead of sending readable text, both your browser and the website's secure server encode all text using a security key. That way, personal data sent to your browser or data you send back would be extremely difficult to decode in the unlikely event it was intercepted by an unauthorized party. The key used for encoding is a random number that is unique to your session at the secure website.

There are two grades of internet security: International-grade encryption uses a 40-bit random number negotiated between your browser and the web-server. This means that only one out of about 1,000,000,000,000 possible decoding keys can be used to decipher your data. Domestic-grade encryption uses a 128-bit key, so that the number of possible keys is vastly larger. This site uses the highest grade of encryption supported by your browser and your internet connection. 
How Do I Know If Security Is Operating?
Your internet session is encrypted if your security-enabled browser is connected to a website using the Secure Hypertext Transport Protocol. URL strings beginning with "HTTPS://" instead of the usual "HTTP://" indicate that the secure protocol is in effect. Your browser may also tell you if security is operating. 

For example, Mozilla's Firefox will display the icon in the lower right corner of your screen in secure mode. Microsoft Internet Explorer shows an icon or the address bar may be a different color. Note that security may be operating without any visible indication if the web page you are viewing employs frames (see below). 

If secure transmission is not in effect or only part of a frame-based page is secure, Firefox shows the "red-slashed lock" icon , and Explorer does not show the “lock” icon.

Most browsers can be set to give you a pop-up announcement when you enter or leave a secure web page. In Firefox, these settings are on the Security section when you select "Options" on the Tools menu. In IE, the setting is on the "Advanced" tab when you select "Options" on the View menu.

Secure Mode and Frame-Based Web Pages

Security may be operating without displaying any security icons (or Firefox may show the "red-slashed lock" icon) if only part of a frame-based page is employing security. You can verify the security of a page within a frame by opening it in a new browser window. Both IE and Firefox allow you to open a link in a new window by right-clicking on the link and selecting that option from the pop-up context menu. 

When a secure page is open in its own window, instead of being viewed within a frame, you can then see the security icons provided by your browser as well as the "https://" secure protocol prefix in the URL string.
What are Shared Secrets?
Shared secrets are the most common security method for accessing confidential information. A shared secret is something known to both the user and the holder of the confidential information. The most common shared secrets are a user ID and password. These shared secrets allow the user to log into the site of the holder of confidential information such as a financial institution or online merchant. Shared secrets form an integral part of user authentication in today's online environment.

Protecting Your Shared Secrets Protecting your shared secrets ensures that information accessed via those shared secrets is protected. You should never record your shared secrets electronically such as in documents or spreadsheets. In the event of a compromise of your computer hard drive, your shared secrets can be compromised as well placing all the data protected by those shared secrets at banks and merchants at risk. Likewise you should never store credit card numbers, expiration dates, bank account number, social security numbers, driver’s license number or other personal identifying information electronically on your computer for the same reason.

Your shared secrets should never be revealed in response to unsolicited e-mails. Criminals attempt to obtain individual’s personal identifying information and use that information illegally such as to open and/or use credit cards, obtain phone or utility accounts, obtain loans, work, open bank accounts and/or pass fraudulent checks using a technique called "phishing". Criminals may also attempt to obtain that information over the phone posing as a survey taker, telemarketer or other unsolicited caller ("pretexting").

Common Shared Secrets

To minimize the potential compromise of your shared secrets, you should avoid commonly used secrets such as names (yours, your spouse's, your children's, parents), common terms that appear in the dictionary (brute force attacks to crack passwords often use dictionaries in an attempt to randomly match the password), exclusively numbers (numbers range from 0 to 9 for each character where letters range from A to Z creating 26 potential variations or 52 if case sensitive). The best passwords are a combination of both letters and numbers where the letters do not spell words that could be found in a dictionary and the password is of sufficient length, 6 characters or preferably more, to make brute force attacks harder.

We suggest you do not use shared secrets across multiple domains (e.g. websites). If you use the same logon and password while shopping or surfing online as you use for your bank, if one of the online merchant sites is compromised, your user ID and password could then be used to access your bank information. Not all websites apply the same level of security to their database. The use of a single logon ID and password across multiple sites is only as secure as the least secure site.
What Do I Do If My Shared Secrets are Compromised?

Immediately change your shared secrets with all sites on which you have used the same shared secrets. Follow the instructions  What Should I Do if I Become a Victim of Identity Theft?

Safeguarding Social Security Numbers

Tips to Protect Your Social Security Number

  • Carry only necessary identification with you. Don't carry your Social Security card.

  • Never provide your Social Security Number unless you have initiated the contact and have confirmed the business or person's identity

  • Do not use your full or partial Social Security Number as a Personal Identification Number (PIN) or as a password

  • If you must send your Social Security Number in an email ensure that the email is encrypted

  • Only enter your Social Security Number into internet web sites when the site is secure and you know how the recipient will protect it

  • Be cautious of your surroundings when disclosing your Social Security number, e.g. if a retail store requests your Social Security Number to look up your store credit card number

  • Do not transmit your Social Security Number over the Internet unless you know that the connection is secure or you have encrypted the Social Security Number

  • Be cautious when faxing your Social Security number, double check the fax number to ensure it is the correct number

  • Do not record your Social Security Number on a check, traveler's check, gift certificate, money order or other negotiable instrument unless required by law
We Safeguard Your Social Security Number

Our Privacy Protection Policy (1) protects the confidentiality of Social Security numbers, (2) prohibits unlawful disclosure of Social Security Numbers, and (3) limits access to Social Security Numbers. Our consumer customers can obtain more information by reviewing our privacy policy for consumers.
What is Identity Theft?
Identity theft is when someone takes and uses your personal information (such as your name, social security or credit card number) without your permission to commit fraud or other crimes. These criminals take the identities of others to open new credit cards; obtain phone or utility accounts, loans, or employment; open bank accounts; and/or pass fraudulent checks. According to the FBI, identity theft is the fastest growing crime in America.
How Does Identity Theft Occur?
Criminals gain access to personal information in many ways, but the most common method is to take it from the victim themselves. They steal mail (such as account statements, new checks and offers of credit) left in a mailbox, discarded in the trash or stored in an easy to get to location in your home or office. They take credit card and personal identification from your purse or wallet. Without knowing it, you may give the information directly to the criminal when you enter data at an unsecured or unknown website, or in response to a fraudulent request for account information through an unverified e-mail phishing. Imposters also ask for information from you by pretexting, tricking you into thinking it is someone you know, such as your bank.
What Happens to the Victim?
Identity thieves can damage the credit reputations and lives of victims. Studies have shown that victims spend an average of $808 and 205 hours resolving the identity theft. Time and money is spent clearing credit reports, reporting the theft to lenders and merchants, and filing complaints with law enforcement and governmental agencies. One of the menacing problems of identity theft is that it can happen more than once. Once the initial incident is resolved, the thief may begin using the victim’s identity again after waiting 6 months to a year and the cycle begins all over again.
How Can I Prevent Becoming a Victim?

Identity theft requires someone to gain access to your personal information. You can take steps to decrease the risk of someone stealing your information.

  • Destroy papers you throw out. Shred or completely destroy any documents that contain personal information before discarding them in the trash. This includes information about you, your family, your home, or your accounts such as credit card solicitations, pre-approved credit offers, convenience checks contained in your statements, bills, cancelled checks, loan offerings, ATM or credit card receipts, insurance or tax information. Just as important are receipts from ATM’s or self-service devices such as gasoline pumps. Don’t just leave them behind or throw them in the trash. Criminals only need a few pieces of information about you to get credit in your name and access your existing accounts.

  • Be careful who you give your information to over the telephone. Do not give out personal information such as your social security number, credit card or bank account numbers, or loan numbers over the phone to anyone who has called you without first confirming who you are speaking to, why they need the information and that they are who they claim to be.

  • Guard your PINs. Never give out your Personal Identification Number (PIN). Memorize your PINs and never write them on your cards or carry them in your wallet.

  • Report lost or stolen credit cards, checks or identification immediately.

  • Store your personal information securely. Keep it where it is not easily available in the event of a burglary or other unauthorized access.

  • Be cautious online. Be cautious when providing information at websites or with online merchants you do not have an existing relationship with. Always confirm that you are in a secure session before entering personal information online (see How Do I Know if Security is Operating?).

  • Check your credit reports. Review your credit report regularly to identify any inquiries or accounts that you are not aware of and did not apply for.

  • Protect your mailbox. If your residential mailbox is not secure, don’t put outgoing mail in the box and promptly pick up incoming mail or obtain a secure postal mailbox.

  • Safeguard your checks. Never print your personal information such as a Social Security Number or driver’s license number on your checks.
What Should I Do if I Become a Victim of Identity Theft?
  • Contact the three major credit bureaus







  • Ask them to send you a copy of your credit report and instruct them to place a fraud alert on your record. Once you receive the report, review it carefully. Contact any creditors listed that you did not apply for credit with and inform them that you have been a victim of identity theft. Instruct them to close the account, send you copies of the application and any transactions, and to promptly clear your credit record.

  • Contact your local police or sheriff’s department and file an identity theft complaint. 

  • File a complaint with the Federal Trade Commission* or call their hotline at 1-877-IDTHEFT (438-4338).

Identity Theft Resources 

Federal Trade Commission (FTC)*


Privacy Rights Clearinghouse*


Social Security Administration Fraud Hotline*


Identity Theft Resource Center*


Department of Justice*

Identity Theft Statistics*

US Postal Inspection Service*


Identity Theft Laws (by state)*


*Heartland Mortgage Center is not responsible for and has no control over the subject matter, content, information or graphics when viewing links attached to this website.

What Are We Doing to Assist in the Battle Against Identity Theft?

Protecting the confidentiality and security of our customers’ personal information is a priority for our family of companies. You can find more information in our Privacy and Security Policy. We understand the implications identity theft can have and take very specific steps to reduce the chance that identity thieves can damage the credit reputations of our customers. As a result, Mortgage Center has put multiple safety measures in place to combat identity theft.


We train key employees in customer identification and authentication. Our training is designed to reduce the chance of an account or loan being opened in your name without your permission. We regularly update training to educate our employees on changing trends in identity theft.

Law Enforcement

We coordinate with local, state and federal law enforcement when identity theft cases arise.

Reporting Identity Theft

If you think your identity has been stolen, affecting any of your loans or accounts with any of the companies in our family, or resulting in the establishment of a fraudulent relationship with us, please contact us immediately. The Identity Theft Complaint provided below should be completed and then faxed or mailed back to us at the address shown below. The Complaint, which requires Adobe Acrobat Reader, can be obtained below:

Phone:  1-866-845-2120


Mortgage Servicing Center
P.O. Box 360
Dubuque, IA 52004-0360

ID Theft Complaint Form:  ID Theft Complaint 

Our Code of Ethics: We have a strict code of ethics for all associates that require confidential treatment of your information. Any associates with access to information must complete privacy and information security awareness training annually. Mortgage Center also maintains physical, electronic and procedural safeguards to protect against unauthorized access to customer information.

Our Computer Security Plan: Keeping your financial and personal information secure and confidential is one of our most important responsibilities. Your information remains secure because our computer systems are protected in the following ways:

  • Computer anti-virus protection detects and prevents viruses from entering our computer network systems.

  • Firewalls block unauthorized access by individuals or networks. Firewalls are one way we protect our computer systems that interact with the Internet.

  • Secure transmissions ensure information remains confidential. We use encryption technology, such as Secure Socket Layer (SSL), to transmit information between you and us. This protects data in three key ways:

    1. Authentication
     ensures that you are communicating with us, and prevents another computer from impersonating the Mortgage Center.

    2. Encryption scrambles transferred data so it cannot be read by unauthorized parties.

    3. Data integrity verifies that the information you send to us is not altered during the transfer. The system detects if data was added or deleted after you sent the message. If any tampering has occurred, the connection is dropped.

  • Advances in security technology are constantly evaluated by our experts to ensure that we provide the right protection for you.  Secure email is provided, giving you peace of mind that your communications with us are always private.