Welcome back! Ask questions, get answers, and join our large community of tax professionals.
cancel
Showing results for 
Search instead for 
Did you mean: 

Two-factor authentication limited to cell phones with no option to received code via e-mail?

dbarberi
Level 2

It appears that the only ProSeries options for two-factor identification are through cell phones. What if my cell phone is dead, missing, etc. Intuit should include an e-mail option to the e-mail address on record like they do when signing on to this site. Until there is an option for more than a single device I will wait to opt in.

This discussion has been locked. No new contributions can be made. You may start a new discussion here

16 Comments 16
dkh
Level 15

You have a choice of Text Message, Voice call verification or Google Authenticator  

so that's not limited to cell phones

Solved: Upgraded Login Security Recommendation for Tax Yea... - Intuit Accountants Community

dbarberi
Level 2

Correct me if I am wrong, but isn't Google Authenticator currently limited to mobile devices? So don't I still need a cell phone to use ProSeries two-step authentication?

dbarberi
Level 2

Like many, I no longer have a land line.

jeffmcpa2010
Level 11

I think the OP's point is that almost every form of government that uses 2 factor authentication offers e-mail as one of the options.

It is hard to understand that Intuit would not jump on board and also offer the email option, instead of all 3 options being tied to the same access device.

dkh
Level 15

Sorry - I had no idea what Google Authenticator was.....  

IRonMaN
Level 15

I believe they are currently working on adding Telegraph and smoke signal services instead of e-mail to better serve their customers😬


Slava Ukraini!
dkh
Level 15

@IRonMaN  are these Smoke signal services like those used by Native Americans or by Cheech and Chong ??

IRonMaN
Level 15

Native Americans but with the stress of tax season the Cheech and Chong ones might more beneficial.


Slava Ukraini!
Brian_Christian
Employee
Employee

Any phone line should do. In My Account you can choose how to verify, text message or voice call.

 

 

0 Cheers
dbarberi
Level 2

Brian: As indicated in the string above, like many these days I have no land line, only cell phone. So, as I understand it, under Intuit's two-factor authentication, I would be locked out if I experienced any problem with my cell line (lost phone, needs charge, cell tower issues, etc. etc.) Adding e-mail as an option for authentication, as is the case nearly everywhere else, would solve this.

 

 

Brian_Christian
Employee
Employee

My apologies, I think I misunderstood your original post.

Just so you know, 2 factor authentication would not include email as that would only be something you know along with your password (something else you know). So two things you know is a single factor. The second would need to be something you have e.g. your phone/key fob, or something you are e.g. eye or fingerprint. 

That's is why you don't see email as an option in MFA (multifactor authentication).

I realize other companies may provide a way to do this with email, but it is not considered secure enough to qualify as MFA. Intuit has to follow the guidelines the IRS provide in this matter.

See https://www.irs.gov/privacy-disclosure/multi-factor-authentication-implementation for more information concerning these requirements if you're interested.

Unfortunately our current solution is limited in this configuration. 

Regards

Brian

 

0 Cheers
jeffmcpa2010
Level 11

Brian you are missing the point still.

Most major government agencies have email as one method of receiving the two-factor code. 

Just give us the choice of Voice, Text or Email to have you send us the code. If its secure enough for Social Security Admin it should be secure enough for you.

 

 

 

dbarberi
Level 2

Brian: I have viewed the link provided in your reply, but I am a CPA, not a computer expert. So am I correct that if I have no land line, and there is any problem with my cell phone, I will be unable to open ProSeries until the problem with my cell phone is resolved? This situation may be unlikely, but it could be serious and costly if there is a time-critical deadline that can't be met because of my inability to log on.

0 Cheers
CRL
Level 1

With two factor authentication will our password still need to change every 90 days?

0 Cheers
Brian_Christian
Employee
Employee

Sorry Jeff, but If we implemented what you're suggesting, it would negate the 2 factor authentication. This is a security issue. 

0 Cheers
ATX CPA
Level 1

I woke up this morning to the security text not wanting to go to my phone.  They said it could be 24 hrs to fix the issue.  Ugh

0 Cheers