Howdy,
I've just received the email saying we will now be logged out of MYOB if we don't use it for 20-30 minutes, then we have to manually type in our email address and password - again.
While I'm sure we all appreciate the pressures on data security, I think this is way too quick to log people out, much less having to type passwords over and over during the day.
I run a small business with 5 fulltime staff, I get called away to help with things and help them get work done, take phone calls, attend online meetings, this means I'm probably going to have to log in 4-5 times per day, and I'm of the opinion typing in your password would leave you more vulnerable to attacks than having a software package open on your desktop.
2 hours and you're logged out maybe, 20-30 minutes is crazy.
Thanks,
Jason
21 Comments
I also want to confirm, that the inactivity timeout does not require 2FA
This is a login only requirement and you will need to do your email and password.
IF you are inactive between 20-30mins. It is not something that will be prompted every 20minutes if you are active in the software as your comment indicates
Find out more:Hi dramafarma , we have only closed this post as it is in our ideas exchange. And because these changes are a mandatory requirement - they are not able to be changed.
However we are still very much open to feedback and discussions. There are multiple threads in the forum happening including responses to my pain post hereMYOB should be welcoming all feedback - good or bad, and this is a very limiting time frame and an annoyance rather than a feature.
Its frankly amazing that there is "unlikely we will explore..." even in the environment>
Can't believe they've shut down this post so quickly - maybe because is another DREADFUL idea.
I too have a small business and I'm up and down from the PC the whole time I'm working - 2 factor authentication was becoming enough of an annoyance and now we have to do this ..... EVERY 20 Minutes.
MYOB is quickly becoming unworkable - changes for no good reason and absolute overkill on security.
Please consider extending it to a minimum of 1 hour preferably two.
And, maybe just maybe - start listening to your users
Awesome, so you’re doing something your customers don’t want, not listening to the issues, implementing a system which is less secure, shutting down any chat around it, then blaming the ATO who pay you how much for your product?
Hi JRFisher , transparency when we know that something cant or wont be done should provide a better outcome for our community members.
It would of course be easier to leave the idea open, say we are 'looking into it' or variations of this knowing there would be less negativity. But we want to be upfront.
Both the 24 hour 2FA and our inactivity timeouts are mandatory requirements rather than purely decisions from MYOB. We've worked with the ATO to deliver these changes in line with their requirementsWe’ve been shut down Roger, MYOB still not listening to their customers.
Looks like another paying customer agrees with me, great work!
Good to hear you listen to your customers, really appreciate you wasting my time.
Don't ever send me a survey again, you clearly don’t care what your paying customers think, and just shut down things you know people don’t like.
It’s a **bleep** idea, and I would still say the greater risk is typing a password 10 times each day, but hey, you don’t care!
- Status changed:NewtoClosed
Hey JRFisher
These changes were done to keep your account secure. I've closed this idea as it's unlikely we will explore changing the login requirement.
