This idea has been merged into another idea. To comment or vote on this idea, please visit KF-I-5156 Two Factor Authentication.
Currently Kashflow only requires username and password level authentication when logging in. These days, most know that usernames and passwords are not enough to keep unwanted people out of accounts.
This is now increasingly important given the fact that it is now possible to integrate with GoCardless, so the lack of multi-factor authentication could mean that someone with simply a username and password (which can be extremely easy to obtain) could - for example - log into Kashflow, generate false invoices, AND automatically take funds from clients who have an active direct debit set up.
Please allow support for something like google authenticator so that we can protect our Kashflow accounts against unauthorised access.