Blog Post
Looking at all the above comments it should be clear to MYOB now that they need to immediately stop this rollout. Adding SMS as a mandatory requirement, reduces security and does not improve it at all. I rely on an authenticator app and I do not want someone who can clone my SMS access to be able to access MYOB and essentially bypass my authenticator app.
Why doesn't MYOB do what every other more progressive company is doing and support passkeys and stop this rollout ASAP.
Mike_MYOB and AmandaMYOB and essentially all of MYOB are missing the point here. The security of a system is only as strong as it's weakest link. In this case SMS is now the weakest link and the fact we use authenticator apps is now pointless.