Jump to content
ATX Community
Sign in to follow this  
Roberts

IRS urges tax pros to use multi-factor authentication

Recommended Posts

Because of their required time out period being so short, I'm logging into the software 5-10x per day. I might use the multi-factor authentication if they weren't so stupid about the time out issue. I'm not a full-time tax preparer and do returns while I'm working our financial planning and investment management. I take a call - logged out. A client stops it, logged out. Wife calls, I'm logged out. If I had to coordinate it with my cell phone texts I'd go crazy.

 

IRS urges tax pros to protect software accounts with multi-factor authentication

The IRS and its Security Summit partners today called on tax professionals to use the free, multi-factor authentication feature being offered on tax preparation software products.

Multi-factor authentication means returning users must enter their username/password credentials plus another data point that only they know, such as a security code sent to their mobile phone. For example, thieves may steal passwords but will be unable to access the software accounts without the mobile phones to receive the security codes.

Share this post


Link to post
Share on other sites

Based the lead sentence in the announcement,

"The IRS and its Security Summit partners today called on tax professionals to use the free, multi-factor authentication feature

 being offered on tax preparation software products.", it includes desktop software.

Share this post


Link to post
Share on other sites

A lot of software is online these days. No way does ATX want to text me a code every time I enter my password to log in. Besides, the IRS is way behind the times, as usual. 2FA has already been spoofed so a hacker can intercept these texts.

  • Like 1

Share this post


Link to post
Share on other sites

The constant timing out and logging back in is so d@mned annoying, and like Roberts said, a short phone call is all it takes to be logged out. In the past I've used the software's timer feature to tally the total time on the return including while I may have been working in Excel, so I would leave the return open at the same time. Now I have to make sure that I wasn't logged out at some point. 

  • Like 1

Share this post


Link to post
Share on other sites
3 hours ago, Abby Normal said:

A lot of software is online these days. No way does ATX want to text me a code every time I enter my password to log in. Besides, the IRS is way behind the times, as usual. 2FA has already been spoofed so a hacker can intercept these texts.

I'm using Drake and Microsoft Authenticator  to generate the code.  Don't have to wait for a text, open the app on my phone and the code is there.  Drake also does not require the MFA code to log back in unless you have been inactive for quite awhile (not sure how long, but it's at least an hour), you only have to enter the password.  I thought it was going to be a hassle, but found it doesn't take more than a couple extra seconds to log in.

  • Like 4

Share this post


Link to post
Share on other sites
27 minutes ago, Patrick Michael said:

I'm using Drake and Microsoft Authenticator  to generate the code.  Don't have to wait for a text, open the app on my phone and the code is there.  Drake also does not require the MFA code to log back in unless you have been inactive for quite awhile (not sure how long, but it's at least an hour), you only have to enter the password.  I thought it was going to be a hassle, but found it doesn't take more than a couple extra seconds to log in.

Thanks for posting that.  I'm a committed Drake user, not at the office today, and was wondering how it works in Drake.  I frequently get logged off when I turn to do something else and then find myself signing back in, but it isn't a problem. And I like the idea of another level of security. I'll probably set it up on Monday.

 

  • Like 3

Share this post


Link to post
Share on other sites

I have a key to open my office door. I have a code to disable the alarm system. I have a windows password. I have encryption on all of my drives. I have an ATX password. But, somehow, the IRS thinks I now need 2FA to keep my tax software "safe"?

If I was trying to steal a tax preparer's data, I would search for all the PDFs on their computer that are most likely not password protected and just copy those. Why would I want to log in to their tax software?

This is like airport security, where taking your shoes off supposed to make you safer, but it's complete 🐎:poop:.

  • Like 3

Share this post


Link to post
Share on other sites

I'd like to see a thief put my micro shredded chips back together to steal information because they aren't small enough according to the IRS directive.

  • Like 3

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
Sign in to follow this  

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...