JasonFisher's avatar
JasonFisher
Experienced Cover User
5 days ago
Status:
Closed

Inactivity sign out

Howdy,

I've just received the email saying we will now be logged out of MYOB if we don't use it for 20-30 minutes, then we have to manually type in our email address and password - again.

While I'm sure we all appreciate the pressures on data security, I think this is way too quick to log people out, much less having to type passwords over and over during the day.

I run a small business with 5 fulltime staff, I get called away to help with things and help them get work done, take phone calls, attend online meetings, this means I'm probably going to have to log in 4-5 times per day, and I'm of the opinion typing in your password would leave you more vulnerable to attacks than having a software package open on your desktop.

2 hours and you're logged out maybe, 20-30 minutes is crazy.

Thanks,

Jason

  • 100% agree.   We have 70 people, and other than payday i might use MYOB for 2 hours out of the day. However, the PC is not unattended.  I am sitting at my desk, doing other work on my computer.
    When i walk away or am inactive, my PC locks itself after a few minutes, so I don't then need MYOB locking up as well. 

    I do hope MYOB allows us to disable this "inactivity feature" for the desktop version. 
    I can't imagine that the bulk of your customers are using MYOB for 8 hours a day.
    It's already annoying enough that we now need to sign in every day.  

    • JasonFisher's avatar
      JasonFisher
      Experienced Cover User

      We’ve been shut down Roger, MYOB still not listening to their customers. 

    • dramafarma's avatar
      dramafarma

      Can't believe they've shut down this post so quickly - maybe because is another DREADFUL idea.

       

      I too have a small business and I'm up and down from the PC the whole time I'm working - 2 factor authentication was becoming enough of an annoyance and now we have to do this ..... EVERY 20 Minutes.

      MYOB is quickly becoming unworkable - changes for no good reason and absolute overkill on security.

      Please consider extending it to a minimum of 1 hour preferably two.

       

      And, maybe just maybe - start listening to your users

      • MikeG1's avatar
        MikeG1
        Admin

        I also want to confirm, that the inactivity timeout does not require 2FA
        This is a login only requirement and you will need to do your email and password.
        IF you are inactive between 20-30mins. It is not something that will be prompted every 20minutes if you are active in the software as your comment indicates
        Find out more: 

        • For Australia here
        • For New Zealand here
  • This is absolutely ridiculous! How do you expect people to be pulled away for other work related activities and come back to sign in every time an invoice is required to be written? 

    you also need to take into account small businesses that use MYOB just to invoice - will they be logging in 6 times a day? This is extremely inconvenient. 

    2 hours is a more efficient time frame. 

  • This is one of the worst decisions MYOB have made.  This means I will be having to log in on multiple computers multiple times a day. 

    Was this put out to your customers who use the product on a daily basis before making this change.

    This seems like the cheapest way to keep our information secure.  Maybe MYOB need to look into ways to keep our information secure without causing further disruption to our business

     

  • AmandaCL's avatar
    AmandaCL
    MYOB Moderator
    Status changed:
    New
    to
    Closed

    Hey JasonFisher 

    These changes were done to keep your account secure. I've closed this idea as it's unlikely we will explore changing the login requirement.

    • JasonFisher's avatar
      JasonFisher
      Experienced Cover User

      Good to hear you listen to your customers, really appreciate you wasting my time. 

      Don't ever send me a survey again, you clearly don’t care what your paying customers think, and just shut down things you know people don’t like.

       

      It’s a **bleep** idea, and I would still say the greater risk is typing a password 10 times each day, but hey, you don’t care! 

      • MikeG1's avatar
        MikeG1
        Admin

        Hi JasonFisher , transparency when we know that something cant or wont be done should provide a better outcome for our community members. 
        It would of course be easier to leave the idea open, say we are 'looking into it' or variations of this knowing there would be less negativity. But we want to be upfront.
        Both the 24 hour 2FA and our inactivity timeouts are mandatory requirements rather than purely decisions from MYOB. We've worked with the ATO to deliver these changes in line with their requirements

    • JasonFisher's avatar
      JasonFisher
      Experienced Cover User

      Looks like another paying customer agrees with me, great work! 

    • MYOB should be welcoming all feedback - good or bad, and this is a very limiting time frame and an annoyance rather than a feature. 

       

      Its frankly amazing that there is "unlikely we will explore..." even in the environment>

  • Hi dramafarma , we have only closed this post as it is in our ideas exchange. And because these changes are a mandatory requirement - they are not able to be changed.
    However we are still very much open to feedback and discussions. There are multiple threads in the forum happening including responses to my pain post here