Help us improve

2 Factor Authentication

Hi

When I log in to Kashflow (as a client), I've noticed that I can set both my password and memorable word to the same thing - which presumably is not that secure?

Would it be a good idea to have 2 Factor Authentication as part of the log in process?

I use other online services for my business, such as MailChimp which has 2 Factor Authentication (Google Authenticator), and which they incentivise me to use by giving me a 10% discount on my subscription.
  • Hugo Elliott
  • Jan 10 2017
  • Acknowledged
  • Jan 10, 2017

    Admin Response

    Hi Hugo, Thanks for your feedback. We have not had any security issues with our current login process and have found it to be extremely secure. Our current login process ties in with our KashFlow Connect platform so unfortunately we cannot make any changes at this time, unless we do find that there is an urgent security risk. If you do have any concerns about the security of your login or the data on KashFlow please visit our website which provides information about our data protection policy and data storage.
  • Attach files
  • Anonymous commented
    January 10, 2017 09:27

    I find the current log in process to be a bit of a pain. It's a nice, secure method, but I have to keep referring to a "crib" with my memorable word so that I can efficiently access the service. The existence of the crib dilutes the security to some degree.

    I agree with Hugo. A method like google authenticator would maintain (or perhaps improve) security.

    I accept that Google Authenticator (or similar) is also likely to be seen as a pain by some. It's an extra step, but it's a method I already use on other services and it removes the need to either carry a crib, or set a worthless memorable word; aaaaa for example.