The case for two-factor authentication
Wanda Reynolds’ decision to become involved in MYOB’s two-factor authentication (2FA) trial came down to one thing: trust.
Along the way she’s strived to ensure her clients have total trust in her processes.
“You build this level of trust. It builds like an onion layer and the longer that you’re in those relationships, the more you’re responsible for your position of trust that they have given you,” said Reynolds.
“If they thought that I wasn’t doing the right thing or the best thing by them, they would find someone that they could have that trust in.”
She’s been working with MYOB for a while now, providing feedback on the soon-to-be-released two-factor authentication feature to be used for AccountRight, Essentials, my.MYOB and other products and services.
Her involvement in the pilot was borne out of an approach she made late last year with security questions.
“I was in touch with MYOB before Christmas about some of my concerns. I was pleasantly surprised that I was then contacted to be invited to look at a pilot that MYOB was implementing in relation to improving the security functions of the online files,” said Reynolds.
“To me it was a very important aspect so that it gave me a little bit of assurance that they were listening to partners and they were as interested in doing the best thing for their clients’ software.”
Why 2FA is so important
Two-factor authentication is becoming more and more important in our increasingly digital world.
There’s nothing new about it, of course – signing into a new Apple device requires two-factor authentication (your password and a code generated in your phone), for example.
MYOB’s focus on two-factor authentication takes security to the next level.
“We’ve gone down the two-factor path to futureproof our clients and partners against threats that potentially don’t exist yet,” said MYOB’s Natalie Bloss, who’s acting as project connector on the pilot.
“While the current iteration of the process is simple, we’re anticipating a future where biometrics for instance plays a bigger part in security authentication.”
MYOB’s two-factor authentication at a glance
- User enters their email address and password
- A code is generated by the user’s phone
- User enters code to login
- Credentials can be ‘remembered’ for 30 days on each device
For Reynolds, the authentication pilot has been unobtrusive – almost too unobtrusive:
“I was asked yesterday about whether it was impacting me and I thought, ‘Well, I don’t even know it’s there!’ I’m on this pilot, I’ve done what I’d been asked to do on the first day, and it hasn’t come up again because I’ve been working in my office,” she said.
“But today I was out with a client and when it challenged me I thought, ‘This is what it’s supposed to do!’ It’s wonderful.”
MYOB’s authentication method allows a user to be remembered on a trusted device, which takes away the hassle of constantly having to authenticate when logging in repeatedly throughout a day’s work.
New logons on other devices, whether mobile phone, computer, or tablet, requires the full authentication process.
So, what advice does Reynolds have for partners regarding two- factor authentication with MYOB solutions?
“I would say to them we have been entrusted with a high level of information from our clients. Their money to pay their wages, their bills, so why wouldn’t we use it if MYOB has gone to the trouble of listening to us? Why wouldn’t you then use something that has very little impact on you and therefore gives you a level of security that we didn’t have before?”
Want to learn more about two-factor authentication and how it can help your business? You can learn more here