Howdy,
I've just received the email saying we will now be logged out of MYOB if we don't use it for 20-30 minutes, then we have to manually type in our email address and password - again.
While I'm sure we all appreciate the pressures on data security, I think this is way too quick to log people out, much less having to type passwords over and over during the day.
I run a small business with 5 fulltime staff, I get called away to help with things and help them get work done, take phone calls, attend online meetings, this means I'm probably going to have to log in 4-5 times per day, and I'm of the opinion typing in your password would leave you more vulnerable to attacks than having a software package open on your desktop.
2 hours and you're logged out maybe, 20-30 minutes is crazy.
Thanks,
Jason
100% agree. We have 70 people, and other than payday i might use MYOB for 2 hours out of the day. However, the PC is not unattended. I am sitting at my desk, doing other work on my computer.
When i walk away or am inactive, my PC locks itself after a few minutes, so I don't then need MYOB locking up as well.
I do hope MYOB allows us to disable this "inactivity feature" for the desktop version.
I can't imagine that the bulk of your customers are using MYOB for 8 hours a day.
It's already annoying enough that we now need to sign in every day.We’ve been shut down Roger, MYOB still not listening to their customers.
Can't believe they've shut down this post so quickly - maybe because is another DREADFUL idea.
I too have a small business and I'm up and down from the PC the whole time I'm working - 2 factor authentication was becoming enough of an annoyance and now we have to do this ..... EVERY 20 Minutes.
MYOB is quickly becoming unworkable - changes for no good reason and absolute overkill on security.
Please consider extending it to a minimum of 1 hour preferably two.
And, maybe just maybe - start listening to your users
I also want to confirm, that the inactivity timeout does not require 2FA
This is a login only requirement and you will need to do your email and password.
IF you are inactive between 20-30mins. It is not something that will be prompted every 20minutes if you are active in the software as your comment indicates
Find out more:
This is absolutely ridiculous! How do you expect people to be pulled away for other work related activities and come back to sign in every time an invoice is required to be written?
you also need to take into account small businesses that use MYOB just to invoice - will they be logging in 6 times a day? This is extremely inconvenient.
2 hours is a more efficient time frame.
This is one of the worst decisions MYOB have made. This means I will be having to log in on multiple computers multiple times a day.
Was this put out to your customers who use the product on a daily basis before making this change.
This seems like the cheapest way to keep our information secure. Maybe MYOB need to look into ways to keep our information secure without causing further disruption to our business
Good to hear you listen to your customers, really appreciate you wasting my time.
Don't ever send me a survey again, you clearly don’t care what your paying customers think, and just shut down things you know people don’t like.
It’s a **bleep** idea, and I would still say the greater risk is typing a password 10 times each day, but hey, you don’t care!
Hi JRFisher , transparency when we know that something cant or wont be done should provide a better outcome for our community members.
It would of course be easier to leave the idea open, say we are 'looking into it' or variations of this knowing there would be less negativity. But we want to be upfront.
Both the 24 hour 2FA and our inactivity timeouts are mandatory requirements rather than purely decisions from MYOB. We've worked with the ATO to deliver these changes in line with their requirements
Looks like another paying customer agrees with me, great work!
MYOB should be welcoming all feedback - good or bad, and this is a very limiting time frame and an annoyance rather than a feature.
Its frankly amazing that there is "unlikely we will explore..." even in the environment>
Hi dramafarma , we have only closed this post as it is in our ideas exchange. And because these changes are a mandatory requirement - they are not able to be changed.
However we are still very much open to feedback and discussions. There are multiple threads in the forum happening including responses to my pain post hereWe should be given the ability customise security settings with options for short time periods and custom time periods, or turn off altogether. This was one reason why I praised MYOB over Xero - not having to log back in all the time - ADVANTAGE LOST!
Hi jeffrogers , depending on the software you are using there has been a change to this.
For AccountRight desktop we have rolled back the 30min inactivity timeout change.
We may look to introduce this as an optional feature in future.
Forget 20-30 minutes! I am being locked out 5 SECONDS after logging in and that is without any inactivity! This is ridiculous. I am unable to do anything before getting kicked out. I couldn't even stay in long enough to see my serial number so I could raise an issue.
I love how MYOB wash their hands of it - "it's not us, it's mandatory" i.e. the ATO. What a cop out.
What MYOB is really saying "our software isn't safe so it has to be turned off every 20 minutes"
find this constant having to resign in a annoyance....im the only one using the computer...can we have the option to disable it....i can just deal with having to do the authenication every day (annoying as it is) but to have to keep constantly sign in is time consuming....i can understand in a big organisation. we have only one person in a home office using MYOB....or allow us to increase how many times we have to sign in.
