Add 2-Factor Authentication/Multi-Factor Authentication to App [edited] (2 Merged Votes)
Comments
-
It would be awesome if you could support multi-factor authentication for your Quicken account. Preferably Google Authenticator or the like.
1 -
Rather than starting with 1-vote, consider voting on the existing idea here (scroll to top of page 1):
[removed link to merged thread]
—
Rob Wilkens0 -
Google authenticator, though, is only as secure as your google password, since it's backed up to google's servers (they may have access to your codes). I use it, too, though because it's an extra "layer" of security.
—
Rob Wilkens-1 -
Thanks I just found that page! I can close this one.
0 -
I'm a Mint customer transfer and am surprised that Simplifii doesn't have MFA. This is a MUST-HAVE
Upvoting this request with both thumbs!!3 -
Man, came here looking for a feature request to disable 2FA on the web. It's a read only platform. At least having 2FA be optional would be nice.
1 -
MUST-HAVE for authentication on Simplifi. Please implement sooner than later. Someone remarked that it's a read-only platform, but there are lazy individuals who leave passwords lying around on desks or in drawers. I doubt these folks would want someone looking at their financial information, especially transactions and balances.
1 -
Now that some MFA has been implemented, I'd like to follow-on to request using a dedicated Authenticator app or similar. The problem with using email or phone/SMS for MFA arises when the bad guy compromises your email or SIM swaps your phone to start receiving those codes. Dedicated apps like Authenticator (Google, Microsoft, others have their own) require their own MFA to login, like biometric unlock.
tl;dr thanks for SOME MFA, but now please let me use an Authenticator app as well.
2 -
This is false. Like most major platforms, Google uses myriad data points to validate you are you when accessing Google stuff. Password alone does not grant access, especially if the device you're using has updated or otherwise changed. Microsoft, Apple, every financial institution, etc. Authenticator apps from any major tech institution remain the most secure MFA methods.
1 -
Wait, when did SMS MFA get added?
0 -
Must have been recent! I've only been a customer for a few days, a Mint refugee.
Regardless, I'll stop hovering after this final point because I was confused as well: Google's Authenticator app codes used to be stored on your device for top security. They are now stored in your Google account because losing your phone used to mean losing all access to Authenticator/OTP-secured apps. The important point here is you can't manually retrieve or interact with these codes, no human can, by design. Similar to a password safe, only the Google Authenticator app can retrieve the critically-private 'seed' value these codes are generated from using its secret, upside-down, backwards handshake.
This does create a threat vector since your data is being copied remotely in exchange for the anti-lockout convenience. Some super smart APT could theoretically reverse engineer the Authenticator app, deploy it to 1+ victim phones, and harvest. IMO that's vastly more effort than email compromise or SIM-swapping though, so if we're talking money vs effort, they'll do the latter.If I've learned anything from cybersecurity: Being a more annoying target than the next person on the harvested credentials list is what saves you. Also freeze your credit. <3
1 -
Being able to use a 2FA app and not just a text code would be very nice.
1 -
I'm still not prompted for SMS 2FA, even when trying incognito.
2 -
Agreed and added a +1 vote.
Would like to see options for an authenticator app (Authy, Google Authenticator, etc) as well as security keys to secure this data both on mobile and in the webapp.
1 -
+1 vote for authenticator app based 2FA. My wife and I used mint before and used Authy. Now, I need to be around if she needs to login.
1 -
Yes, please add 2FA TOTP support, e.g., Google Authenticator. Everyone knows SMS is not secure, i.e., SIM swapping, etc.
1 -
How does one upvote a feature request? Is it a comment alone?
1 -
Yes, add MFA
1 -
Recent emigre from Mint. Shocking that even after a restart on desktop Mac, all my financial just pops up when I launch the site. Not even a simple password request, much less MFA. I'm not a security freak, but I find it disconcerting to say the least.
1 -
Security loop hole , being so many accounts information there is no MFA to enable for logins as in this current security cybersecurity world, mfa is minimum so we can feel safe
1 -
I believe two-factor authentication should be a high priority for the app since it contains my financial details, including account information for my bank accounts, CC, etc. PLEASE add this soon!
2 -
Agreed!!!!! It needs to connect to an authenticator app at the very least. I would like the option to need to use a security key to access it.
2 -
This thread started in 2019. It is now 2024. A paid for service like Simplifi should have MFA.
2 -
Moving over from Mint (Intuit Product). Don't you guys talk to each other. Mint had 2FA and also had an interface for Citi Cards. Get with the program, please.
1 -
FYI, Quicken and Quicken-Simplifi are not Intuit products.
Anthony Bopp
Simplifi User Since July 2022Money talks. But all my paycheck ever says is goodbye1 -
The mobile app has some MFA options. Your request already exists vote for it below. The more votes, the more likely your request will be considered.
[removed link to merged thread]
Simplifi User Since Nov 2023
Minter 2014-2023
Questionable Excel before 2014 to present
1 -
What exactly is there to vote for here?! Do we want our money and credentials safe? YES. Why this is not a top priority within Quicken is troubling.
1 -
Bumping this! MFA is imperative for financial apps. RSA is literally on the way out the door with the advent of quantum computing. This company is putting all of our financial data at risk by not implementing ASAP.
How was the last post on this in 2022. I will not renew my subscription if this is not remedied.
3 -
New user here, just signed up. First thing I did was look in the security settings to enable OATH TOTP, but… could only find SMS. I agree, it's rather disappointing.
1 -
Simplifi DOES have MFA. I'm seeing a lot of misinformation here. What I would like to see is TOTP support instead of SMS-based MFA, which is inherently insecure. Either the description of this issue should be updated, or it should be closed as complete.
4
