Add 2-Factor Authentication/Multi-Factor Authentication to App [edited] (2 Merged Votes)
Comments
-
New user, well not anymore. I'm voting with my feet. If security is not paramount on the front end I don't have any confidence for the backend. No thanks.
0 -
It is absurd to me that an application that has all of a person's financial information in it would not provide MFA. The web application needs it more than the desktop application as the web is much more accessible than an application on my desktop. I just subscribed to this service today and am very seriously considering canceling my subscription due to this major hole in security. Please get this addressed ASAP.
0 -
@Adele F For the web app, I'm prompted for text-message-code verification the first time i sign in on a new computer (or after clearing cookies) to the best of my knowledge. That is MFA for the web app. Some people would prefer Google Authenticator verification, but that is slightly less secure than Text Message verification because it's backed up to google and anyone with access to your google account (including, likely, google employees who may be able to reset your password or otherwise access it) can get those codes.
—
Rob Wilkens-4 -
Clarification: "Google Authenticator" 2-step verification (2SV) is used synonymously with one-time passcode (OTP) authentication (learn more
).Google's Authenticator is an easily recognized OTP app, but many, many apps support OTP. To be clear, OTP is more secure than SMS because it's not subject to SIM swapping and account takeover attacks (
).REQUEST: Quicken should support Username, Password, + OTP as a default option in 2024, especially since you aggregate, store, and process our financial information.
1 -
Please deploy OTP Multi-factor (Google Authenticator, Authy, etc.) as soon as possible. Quicken's existing multi-factor methods (SMS, phone, or email) are readily compromised. This is a finance app after all. Quicken is not following NIST best practices and this puts Quicken customer information at risk of being stolen.
1 -
Even Quicken's Chatbot AI correctly summarized that this state of affairs is "insane" — see attached! Please fix!
4 -
+1 for this feature.
0