Hi Hugo,
Thanks for your feedback. We have not had any security issues with our current login process and have found it to be extremely secure. Our current login process ties in with our KashFlow Connect platform so unfortunately we cannot make any changes at this time, unless we do find that there is an urgent security risk.
If you do have any concerns about the security of your login or the data on KashFlow please visit our website which provides information about our data protection policy and data storage.
Guest
Please implement. We will need to leave Kashflow, as part of Cyber Essentials Plus accreditation which our clients demand. Thank
UK Cyber essentials plus 2FA has become a requirement, can this not be implemented with either code to mobile / email or use of google authenticator app
The UK CyberEssentials scheme now requires MFA on any cloud service, such as Kashflow. When is Kashflow going to implement this?
I find the current log in process to be a bit of a pain. It's a nice, secure method, but I have to keep referring to a "crib" with my memorable word so that I can efficiently access the service. The existence of the crib dilutes the security to some degree.
I agree with Hugo. A method like google authenticator would maintain (or perhaps improve) security.
I accept that Google Authenticator (or similar) is also likely to be seen as a pain by some. It's an extra step, but it's a method I already use on other services and it removes the need to either carry a crib, or set a worthless memorable word; aaaaa for example.