I have been using QBO for some time now and have had multifactor auth enabled on the account using the Microsoft authenticator app. In the last couple of weeks it has been failing to prompt for MFA and further inspection shows that MFA has been disabled on my account, without my interaction.
On top of this the use of authenticator apps do not appear to be supported any longer only SMS, which is a huge backward step.
Have Intuit made changes to disable MFA on accounts and is the use of apps going to supported again?
Thanks for bringing this concern to my attention, @StuartHare.
You've got me here to provide some troubleshooting steps to get this two-step verification issue sorted out. This way, you can get back on track and enter your verification code when accessing your account.
The option to enter the two-step verification for your account is still available. This will be visible once you enable it from your Intuit Account's settings.
Here's how to turn it on:
To learn more about this process, please see this reference: Verify your account with multi-factor authentication.
However, in your case, let's try accessing your account in a private window. Performing this process will help determine if the issue has something to do with your browser since you haven't disabled the option.
Sites like QuickBooks Online store these files to save you time while loading repetitive information and images. There are times that the accumulated cache and cookies in the system become corrupted, causing unexpected behavior in the system like the missing two-step verification upon logging in to your account.
You may use these shortcut keys to launch the window:
If it works fine, you can go back to your regular browser and clear its cache. Clearing these files, QuickBooks will load a new version of everything displayed on the page.
I also suggest running the Health Checkup Tool. It is used to check multiple aspects of the browser to ensure the application runs seamlessly.
However, if doing this doesn't make a difference, I suggest reaching out to our Customer Care Team. They have the necessary tools that can help check the reason behind this matter.
You can contact them by following these steps below:
Feel free to get back to me if you need anything else. I'll be around to help. Keep safe!
Thanks for responding.
I had already re-enabled MFA on my account using SMS before posting this message to the board.
As a cyber security professional and the reason for the post, is that I am concerned with the fact that MFA has been disabled on my account, without any warning to me.
Only I have access to my account and i have not disabled MFA. Approx. 2-3 weeks ago I just stopped getting asked for MFA when signing in.
My other concern is that MFA support for authenticator apps has been removed (which is what i was using previously so probably the reason why it was disabled) and the only option now is SMS and voice both of which are far less secure.
Is this a result of a change by Intuit to stop auth app support?
And if so why are users not notified that their accounts have had security features they rely on removed?
This is a significant issue for me, I want to know that Intuit & QBO are keeping my accounts and data secure.
Hello Stuart, Regarding the Microsoft app it is worth contacting the authorization to see if there is a reason at their end it is not working as that app is not controlled by QuickBooks itself. We do see you would prefer to use that, at the moment you would need to use the SMS multi-factor it will not ask every time if it recognising the log in place/history. We do take security seriously and more information on our security can be found here