Skip to content

Two-factor authentication

These days a password isn't enough to protect your online data. That's why we use two-factor authentication (2FA) as a second layer of protection. It involves using something only you have access to: either your email inbox or a mobile device.

This makes it harder for unauthorised people to get into your MYOB software.

How does it work?

You'll still use your email address and password to sign into your online MYOB software.

Then you'll need to enter an authentication code to verify that it's you.

There's three ways to get this code:

  • via an authenticator app (recommended) on a mobile device (phone, tablet, etc.)—the code displays in the app

  • via email—the code is in an email sent to the address linked to your MYOB account

  • via SMS—the code is sent to your mobile phone via text message

Getting set up

The first time you access your online MYOB software, you'll be guided through the 2FA setup. For detailed steps on setting it up, see Setting up two-factor authentication.

To learn more about what 2FA method to choose, see Choosing which two-factor authentication method to use.

Once you're set up with mobile app or email 2FA, you'll be able to switch between these methods. See Switching between email and app two-factor authentication.

Changed phones? Find out how to set up mobile app 2FA on your new phone.

Signing in with 2FA

Sign in with authenticator app 2FA

AddAdd
  1. Sign in to your MYOB account as normal, using your email address and password.

  2. A screen appears asking for an authentication code:

    Get an authentication code from your authentication app

  3. Open your 2FA app and find the code.
    It will look something like this:

    auth apps

  4. Enter the code into the two-factor authentication screen, then click Continue and you're finished.

    If you don't want to use 2FA every time you sign in, tick Remember this device for 30 days before you click Verify, and you'll only need to put in a 2FA code once every thirty days (however, you may be prompted for a code more frequently if additional authentication is required). If you or anyone else tries to sign in to your account from another computer or browser, an authentication code will still be required. For more information on how this setting works, see Trust this device for 30 days.

Sign in with SMS 2FA

AddAdd
  1. Sign in to your MYOB account as normal, using your email address and password. When you click Sign in, a 6 digit code is sent to your mobile phone via SMS.

  2. Enter the 6-digit code and click Verify code.

    Prompt for SMS code

Don't have your phone?

Click I don't have access to my phone and follow the prompts to enter your recovery code (this code was provided when you set up SMS 2FA).

If you don't have a recovery code, ask MOCA, our virtual assistant, for help from any help page. If MOCA can't help, you'll be guided to our other support options, and our team will get you back up and running (have your account details on hand).

Sign in with email 2FA

AddAdd
  1. Sign in to your MYOB account as normal, using your email address and password.

  2. When you click Sign in, an email with an authentication code is emailed to you automatically. If you can't see the email in your inbox, check your junk mail, or check the troubleshooting section below.

  3. Copy the code in, then click Verify, and you're done.

    If you don't want to use 2FA every time you sign in, tick Remember this device for 30 days before you click Verify, and you'll only need to put in a 2FA code once every thirty days. If you or anyone else tries to sign in to your account from another computer or browser, an authentication code will still be required.

Log out when you’re done

It’s good security practice to log out at the end of every session.

Which 2FA method is right for me?

It's more secure and easier to use an authenticator app, however you'll be set up for email 2FA by default. As well as email or app 2FA, you can also set up SMS 2FA. Need more details? See Choosing which two-factor authentication method to use