Update -Improved Security- 2FA changes
We have recently taken measures to deliver new security functionality to provide contextual and adaptive multi-factor authentication (MFA) controls. As a result, MFA now takes into consideration a range of factors including user’s location, device & behaviour patterns to determine the level of authentication required.
By analysing contextual information like time of day and user location, our MFA can identify if additional authentication measures are necessary. This approach aims to reduce user effort, whilst maintaining a high level of security.
However, we have reviewed concerns raised by our customers.
What we’ve heard:
- I want to be prompted for a login more frequently (7 days is not sufficient, unless I have the option to select this frequency)
- I want to understand MFA and login requirements.
- I want to understand my role in securing sensitive information.
What we’re doing:
- Reverting login frequency to 12 hours. Users will be prompted to login after 12 hours, as they were previously.
- Users can select "Trust this device for 30 days", however may be prompted more frequently if additional authentication is required.
- We recommend users log out at the end of every session, via the product menu.
What you need to do:
We will provide further updates on these changes for all customer via our channels and MYOB Community Forum.