Thank you for visiting our Partner Zone. This area is an exclusive space for MYOB Partners. Find out how to Partner with MYOB.
October - last edited October
We have recently taken measures to deliver new security functionality to provide contextual and adaptive multi-factor authentication (MFA) controls. As a result, MFA now takes into consideration a range of factors including user’s location, device & behaviour patterns to determine the level of authentication required.
By analysing contextual information like time of day and user location, our MFA can identify if additional authentication measures are necessary. This approach aims to reduce user effort, whilst maintaining a high level of security.
However, we have reviewed concerns raised by our customers.
What we’ve heard:
What we’re doing:
What you need to do:
We will provide further updates on these changes for all customer via our channels and MYOB Community Forum.
It would be nice to have some security. I can still just click on MYOB on my desktop and I am in. It's been far too long and writing about how important and good you are about security and then not fixing this issue that has been going on for over a week and a half is riduculous.
I need to be able to log into more than one Myob account simultaneously.
The changes Myob has made to logging in are not "Improved Security", in fact, it's the complete opposite not to mention the accessibility issues. I have users of varying IT abilities, some of whom are elderly and have difficulty with adding a new online file every time they need to change the company file they're working on, this means I must actively supervise each login change.
I'm sorry, how are you actually "improving security"?!?! Removing the requirement to enter a password when logging in has totally removed all security for this program. At least when we previously selected "trust this device for 30 days", we still had to enter a password to login to the program and select the client files we wanted to work in. Now, all I have to do is click on the MYOB icon on my desktop and I can access any file I want, with no password or any other kind of 2FA required to access the files. This is highly unsecure!! If the security on my computer was to be breached, anyone would have direct access to all of my client files. And who is going to be liable for that??? MYOB??? Is my cyber security going to cover any claim for this???
And I notice that the new update released yesterday/today has not fixed this issue!
MYOB - you need to get this issue sorted out ASAP, unless you are happy to lose clients in droves because that's what is going to happen. We are already looking at moving clients out because you can't provide a secure environment for our client's important data. And if you don't just lose clients, you will more than likely end up getting sued when someone's client's data is breached due to your lack of security.
I am not being asked to log on at all. There is zero security.
Why didn't Myob inform it's customers of these changes?
Tip: Put a logout shortcut on the Myob home page.
This is not improved security. Anyone who has access to my computer and the other computer that has MYOB on it, can log in automatically. No password, no authenticator number.
Your 'improvement' is certainly NOT an improvement.
Insurance company certainly will not be happy that our MYOB program can be accessed by anyone who uses the computers.
I'd like to be very clear here, the changes MYOB have made has compromised security!!!
When users now exit out of MYOB via the options of either closing the program window using the X or selecting File>Exit, they can now open the program without ANY requirement to log in using a password. MYOB will immediately lauch the program without any password OR 2FA authentication!!!!!
Previously when you closed the program, you would have to login using a password. Why did MYOB change this and how can you possibly purport that this improves security?
The situation now, is that anyone who has access to my computer could simply open the program and have access to MYOB WITHOUT having to actually login in using a password.
I'm sorry, but I fail to see how this is an Improved Security measure. Are you aware that other programs such as Xero & Quickbooks, require you to login with a password and Xero requires 2FA everytime you login. Both these programs will also time you out of the program after a period of time, also requiring you to use a password and 2FA to log back in to the program.
If the MYOB program is exited in any way, as a matter of security it should require you to login using a password. No system should allow you to open the program without any authentication or password at all.
Well said Lmcstack