Blog Post

MYOB Announcements
1 MIN READ

Get ready for enhanced security measures

MikeG1's avatar
MikeG1
MYOB Moderator
15 days ago

Over the coming months we are rolling out enhanced security measures designed to provide additional protection and help prevent unauthorised access. Here’s what you need to know.   

 

What’s changing? 

From 30 September, login and two-factor authentication (2FA) will be required at least once every 24 hours for the following products:  

  • MYOB Business  
  • MYOB AccountRight (browser and desktop)  
  • MYOB Connected Ledger  
  • MYOB Practice  

Learn more here

 

How to prepare 

Set up multiple 2FA methods to receive your verification codes, such as an authentication app or SMS. This will help you to avoid sign-in hassles that can occur if you can't access your codes via your usual 2FA method.  

   

Don’t forget, individuals must have their own login, and 2FA, to access our software. This means, no sharing of login details between team members. This includes you, your team members and your clients. 

 

Set up now

 

Cheers, MYOB!

Published 15 days ago
Version 1.0
announcements
Tips
  • MickyH75's avatar
    MickyH75
    Experienced User
    8 days ago

    Which genius decided that 2FA every 24h was a good idea? It should be up to an organisation to set its own policies on security not you as the software provider. It's bad enough that the desktop version doesn't even save the last user like it did for a while. Please change it so that I as the company administrator can choose what level I want for my companies (we have 21 separate files).

  • MikeG1's avatar
    MikeG1
    MYOB Moderator
    8 days ago

    Good morning MickyH75 ,

    MYOB is doing what we can to provide security improvements that prevent unauthorised access to our customers software.
    We are also ensuring that we are meeting all of the ATO's compliance requirements and continue to apply best practice security process to all of our software.

    We are making this change easier for our customers by introducing the ability to have multiple methods of 2FA, and I recommend that you head to myaccount.myob.com to set up a secondary 2FA method as soon as possible.

    2FA has always existed with our software and we don't provide the ability for customers to choose how this operates so that all of our customers are secure and meeting regulatory compliance standards.

    The short version of this change is that previously, you had the option to 'trust this device' for 30 days, but from the 30th, this will no longer be available and 2FA will be required at least once every 24 hours.  

    • MickyH75's avatar
      MickyH75
      Experienced User
      7 days ago

      Hi MikeG1 Every 30 days is acceptable. Every 24h isn't. We're using the desktop app and will continue to do so as long as it is available or we move to a different provider. I could understand if this was rolled out just for the browser version but to make it for the desktop version as well seems over the top. We use SAP B1 for one of the companies in the group and it doesn't even use 2FA.

      • MikeG1's avatar
        MikeG1
        MYOB Moderator
        7 days ago

        Hi MickyH75 , there are a couple of extra points I can clarify here.
        Thanks for your questions, I will update our main post about this change as well.

        2 key messages/updates:

        • 2FA is prompted on login to your account, and not for each file
          So changing between your 21 files after you have signed in, will not prompt for any further 2FA verification
        • This is only for online files
          The comms does mention AccountRight Desktop, but we neglected to be specific this is only for online, if you have using a local, offline, desktop file in AccountRight you may not be prompted for 2FA