Jump to content
ATX Community

Quickbooks Complex Password requirement

Roberts

By Roberts
in General Chat

 Share

Recommended Posts

Roberts

Roberts

Posted
Posted

The geniuses at Quickbooks have decided to implement a Complex Password requirement on most customer accounts with the newest update. Because my companies have routing numbers with the checking accounts (supposedly) and I have SSNs for employees, I'm forced to enter a complex password before entering each company account. It is currently impossible to remove this requirement and has been dictated by the geniuses at Quickbooks.

How arrogant of a company do you have to be to implement this requirement on your customers and force it upon them without any possibility of removing the feature?

My computer is fully encrypted so an unauthorized hack is very unlikely. This royally ticks me off probably more than it should.

  • Like 7
Link to comment
Share on other sites
Catherine

Catherine

Posted
Posted

Me as well.  Plus, you have to CHANGE the bleeping thing every three months.  However they do allow numeric increments (password1, password2, etc).

I have been sorely tempted to tell my clients to go back to paper systems.  And my preferred qb password is a cryptic imprecation directed towards intuit.

  • Like 5
Link to comment
Share on other sites
Roberts

Roberts

Posted
  • Author
Posted

Since I don't use QB payroll services, it's actually very affordable. Well - Free. A client buys the new version every other year and gives me his copy to install since I refuse to pay for a new version.

 

Holy cow this really ticks me off. I've read they have been inundated with complaints so hopefully they roll this back out with an opt out feature. I'm always amazed by the arrogance and stupidity of software developers on issues like this.

  • Like 2
Link to comment
Share on other sites
Abby Normal

Abby Normal

Posted
Posted
21 minutes ago, Roberts said:

arrogance and stupidity of software developers

Intuit's arrogance and stupidity stopped amazing me a long time ago. I've come to expect it. But I was surprised by their grey on grey depressing default color scheme for QB2015. Looks like it was designed by a depressed, alcoholic, Russian poet.

  • Like 4
Link to comment
Share on other sites
Roberts

Roberts

Posted
  • Author
Posted
36 minutes ago, Tax Prep by Deb said:

I don't think this is Intuitive doing  I believe it is a law that was passed.  The same thing is being implemented in ATX software this year.  In the past a password was optional but starting with this year's software it will be mandatory.

I don't believe there is such a law. The IRS suggested firms be more pro-active in requiring passwords and I'd suggest that's the issue. I know my software has started suggesting a text verification for my computer to access their online site - it's a suggestion offered and not a requirement. The software though DID kick out the saved password feature. Drake for last year hasn't made that a requirement.

Medlin Accounting isn't requiring a password as of yet. Since they post here, maybe they can inform us of any law requiring such an action.

 

  • Like 1
Link to comment
Share on other sites
Medlin Software, Dennis

Medlin Software, Dennis

Posted
Posted

I have not seen such a requirement, but that does not mean one exists (on paper or defacto).  Every taxing agency can impose their will on their subjects.

One tax agency can absolutely wag the tail of all others, since software is usually not written for one tax agency.  There certainly may be a locality which essentially requires a password, forcing a software vendor to do so for all, or create a special version.

  • Like 2
Link to comment
Share on other sites
Jack from Ohio

Jack from Ohio

Posted
Posted
1 hour ago, Tax Prep by Deb said:

I don't think this is Intuit's doing  I believe it is a law that was passed.  The same thing is being implemented in ATX software this year.  In the past a password was optional but starting with this year's software it will be mandatory.

Software companies are succumbing to the irrational paranoia of software and internet hacking security.  If an experienced and determined hacker obtains access to your network or computer, these silly simple padlocks will only slow them down about 2 minutes.

I already carry a flash drive with me containing a spreadsheet with login and password information for all the companies and accounts I deal with.  235 line entries.  It is the only way I can keep track of all the different sites and requirements.  With my spreadsheet, I only HAVE TO remember one password.  Irrational paranoia is costing companies millions in lost productivity.

  • Like 1
Link to comment
Share on other sites
Lee B

Lee B

Posted
Posted

According to the ATX Blog, they will be requiring complex passwords plus secret questions with

the coming Tax Season's software. There was an IRS Security Summit earlier this year attended

by Tax Software Providers and State Revenue Departments where the participants agreed to

implement these security related changes. There is more detail about this on the ATX Blog.

  • Like 2
Link to comment
Share on other sites
Randall

Randall

Posted
Posted
38 minutes ago, Jack from Ohio said:

I already carry a flash drive with me containing a spreadsheet with login and password information for all the companies and accounts I deal with.  235 line entries.  It is the only way I can keep track of all the different sites and requirements.  With my spreadsheet, I only HAVE TO remember one password.

I have a spreadsheet for my passwords too.  I'd never be able to remember all of them.  And some require changes every 3 months. 

  • Like 3
Link to comment
Share on other sites
Medlin Software, Dennis

Medlin Software, Dennis

Posted
Posted

It is the IRS's sandbox... so legislative or procedural, the software vendors have to do what the IRS says.  The IRS is probably more concerned with having proper returns, and proper refunds, more than security.  Security may help in that endeavor, as will having W-2 forms in hand before the returns are processed.  Passwords are a silly "solution" since they are easily broken, if access to the data is gained.

Link to comment
Share on other sites
Roberts

Roberts

Posted
  • Author
Posted
50 minutes ago, Randall said:

I have a spreadsheet for my passwords too.  I'd never be able to remember all of them.  And some require changes every 3 months. 

I do also. It's encrypted but if anyone hacked it, I'd be in serious trouble. I print off a copy every year and put it in my safe at home.

My computer is fully encrypted also.

Supposedly, if you don't have the credit card processing feature enabled, you won't have to change your password on Quickbooks every 90 days.

Link to comment
Share on other sites
Medlin Software, Dennis

Medlin Software, Dennis

Posted
Posted

Just thinking out loud... Having one password to access all other passwords makes the others moot.  Might as well just use the same one over and over, since all it takes is for the one to get compromised to gain access to all others.

Probably why two factor auth is preferred as a "real" security step.

Would I be comfortable with a list of passwords in a spreadsheet?  No, not unless in some sort of trusted online storage, accessible only with two factor auth.

Link to comment
Share on other sites
SaraEA

SaraEA

Posted
Posted

We haven't heard a word from UltraTax yet--although we did have to re-file our ERO application and something else.  I wonder if the new password requirements will apply to the more expensive software like UltraTax and Lacerte.  The crooks were all using TurboTax, cheap and readily available, no ERO status required, so that product is now implementing all sorts of ID-verification requirements and attaching tags to the efiles.  Likely the other DIY companies are too.  I don't believe Drake and ATX have DIY versions but are inexpensive enough to attract medium-sized players who file enough phony returns to make it worth their while.  I can't imagine a thief shelling out the $15k+ for UT or Lacerte, so maybe those users will be spared the complex-ever-changing password requirements?

QB Online forced a password change on us last week.  While it's convenient to download bank statements, it doesn't work nearly as efficiently as regular QB.  Like if you want to split a transaction, first you have to save it and then go back in and split it.  Almost impossible to delete a transaction or choose preferences, can't just hit "enter" to save, etc.  One would think this "wave of future" cloud-based product would build on the best of the software version, but not so.

Time to be brave and go watch the election results. 

Link to comment
Share on other sites
Jack from Ohio

Jack from Ohio

Posted
Posted
9 hours ago, Medlin Software said:

Just thinking out loud... Having one password to access all other passwords makes the others moot.  Might as well just use the same one over and over, since all it takes is for the one to get compromised to gain access to all others.

Probably why two factor auth is preferred as a "real" security step.

Would I be comfortable with a list of passwords in a spreadsheet?  No, not unless in some sort of trusted online storage, accessible only with two factor auth.

No one will break the 25 character password on my excel spreadsheet.  I have NO printed versions.  I carry the flash drive on a lanyard around my neck if I am anywhere besides behind my desk.  I do this because I cannot possibly remember so many usernames and passwords.  I am NOT security and hacker paranoid about my accounts.

It is a fact that the largest number of hacks into private or corporate information occurs because the owners of said servers were sloppy with their passwords.

Link to comment
Share on other sites
Jack from Ohio

Jack from Ohio

Posted
Posted
6 hours ago, michaelmars said:

for all on-line accounts I use LastPass. its free and it stores all of your passwords.  I just log into it once a day with a 30+ password and it automatically logs me into all on line accounts, intuit, credit cards, bank accounts etc.

Question is... WHERE does it store your information?  Mine hangs around my neck on a lanyard, and in that configuration is unhackable and always available.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...