IMPORTANT INFO - Multi Factor Authentication for Reckon Accounts Hosted 🔒
Comments
-
@Rav,thank you for your reply. I am entirely across the requirements of MFA as a BAS Agent of many years. The point I am making is that all the other accounting programs I use that require MFA have implemented it at the User level. There would be no shared login if you implement it at that stage as every user would have their own password, and the MFA would be linked to that - not the Licence. Some of the work-arounds above that involve sharing codes are quite counter-intuitive to the whole reason we have MFA and I would think would be in breach of the ATO requirement. I really feel that the only practical and financially viable solution is to change my current RAH clients to other software that approaches this differently. Is there any chance that Reckon could implement the MFA at the User level?
1 -
Yeah we know you are being compliance, but Reckon does need to hear everyone to understand the bigger picture of reality before lots of clients leave Reckon behind for good.
If no one comments, then you are not aware of the trouble caused, and then help solve it.
1 -
@carmel I think it’s important to note that Hosted is not “online” like the others though, it’s the desktop program that’s being ‘Hosted’ on Reckon’s own servers so this has more integration/linking challenges than the Cloud products 😬
Shaz Hughes Dip(Fin) ACQ NSW, MICB
*** Reckon Accredited Partner (AP) Bookkeeper - specialising EXCLUSIVELY in Reckon Accounts / Hosted ! ***
* Regd BAS Agent (No: 92314 015)* ICB-Certified Bookkeeper* Snr Seasonal Tax Consultant since 2003 *
Accounted 4 Bookkeeping Services
Ballajura, WA
(NB: Please give my post a Like or mark as Accepted Answer if I have been able to resolve your query as this helps others when seeking solutions!)
3 -
You're referring to file user credentials set at a company file level, not every Hosted user uses this, its an optional functionality and is used to differentiate access to a file based on required/relevant permissions. MFA cannot be set at this level, it's already past the point of login to the service.
Put simply, a login (username) to the Hosted service = an individual user.
0 -
is this MFA different to the one I already have to do STP? We have 3 users on our account, can each user's log in have their own mobile number attached to get this MFA?
0 -
no unfortunately only one MFA code per license. You will have to call the other users and give them the code when they log in
1 -
Hi @Sonya Herbert, that's a good question and the answer will differ so I'll just add some clarification around this below in case there's any confusion.
You'll no doubt be familiar with logging into the Reckon Portal to access GovConnect for your STP submissions and as you know this has its own MFA.
An important point to know is, if you're logging into that Reckon Portal account for your STP with your Reckon Accounts Hosted user name (ie. the same user name that you use to login to Hosted itself), then when you enable MFA in Hosted it will use that same MFA for both Hosted and the Reckon Portal.
When you enable MFA in Hosted you'll see a message to indicate this as shown below 👇
⚠️ The above only applies to users who login to the Reckon Portal with their Hosted user name.
If you're logging into Portal in a different way eg. an email address then please follow the steps to enable MFA in Hosted here - How do I setup MFA for Reckon Accounts Hosted? 🔒0 -
This content has been removed.
-
Sorry about that, I don't seem to have a PM from you in my inbox, I'll take a closer look at that. In the meantime though to answer your question, Multi-Factor Authentication is enabled on the specific Hosted login itself so if you have multiple individuals requiring access, best practice is that they have their own licence which will also mean they will have their own individual MFA on their login.
0 -
the only other way is for the secondary user to get the code from the user whose phone is setup
0 -
This content has been removed.
-
I totally agree with you, I’m in the same boat myself
0 -
Hi Rav we are not sharing the one user or password - I have set up Users, as permitted by Reckon, with their own log in details and their own password. Why can't these separate users have access to setup their own 2FA. To suggest we need to buy another licence is inappropriate since we are using the software as it's intended to be used - legitimately. To have another user contact me for their 2FA is not appropriate and a failure of this software.
2 -
If your users have their own login to the service then they'll each have their own individual MFA so there's no need for sharing codes. Please note, I'm referring to a login to the Reckon Accounts Hosted service itself, not a login to the company file which is completely separate and unrelated.
1 -
Thanks Rav - they say they can't find the dashboard to enable MFA. Could you send a link as to where they enable the 2FA?
0 -
Sure @Loretta Wisdom-Zagon you'll find step by step instructions here - How do I setup MFA for Reckon Accounts Hosted? 🔒
There is also a help guide linked in the opening post of this announcement with detailed info around MFA in Hosted along with instructions as well.
0 -
Hi everyone,
Just adding a note for the wider Community, I appreciate MFA on your Hosted account is going to be an adjustment and for some it might be a bit more of a change than others when it comes to using the service.To be clear, our Hosted licensing terms have always stated that the licence is personal. A single user licence allows only one user of the service. If you require more than one user, then you need a multi-user licence.
The intention of this post isn't about licences or the sharing of licences though, it’s about the upcoming mandatory MFA for Reckon Accounts Hosted and supporting our users with this change. As a company who works closely with our customers, their data and the ATO, we have an obligation to keep our customers data safe. To do this we are required to enable MFA on Hosted in line with ATO requirements to operate as a digital service provider. Failure to do so could potentially mean we can no longer handle Single Touch Payroll at best, and at worst put our valued customers data at risk.
I've seen a few posts or questions appear querying how to circumvent MFA requirements and/or share MFA. While we understand that you may want to find ways to bypass this additional protection of your data, this is at your own risk and discretion, and we strongly discourage this as it goes against our guidelines, ATO requirements and general cyber-security best practices.
Moving forward, I’d ask that Community members refrain from promoting bypassing MFA security as it leaves those users exposed to unnecessary security risks. Any posts advocating or promoting circumventing or bypassing MFA will be removed and we appreciate your cooperation and consideration.
0 -
We currently have one licence with multiple people using this you mentioned. If you require more than one user, then you need a multi-user licence. what is the cost of this. Is this the same amount as having the original licence or is there a cheaper licence for a second user. As we have administration staff and the current price is just not worth it for us.
0 -
Hi @RandCSharp
Our customer service team is happy to have a conversation around getting the licencing side of things organised & setup based on your requirements. Give the team a call on 1800 732 566 and they'll be able to have a chat with our around pricing and your licences.
0 -
Hi Rav and others, I am quite sure in the contract it states somewhere..just looking still..that we will not be forced to upgrade to more licences. I require one other person to login and check records, thats all. It is not appropriate to charge another license fee for that, therefore also not viable. In fact I tried to cancel my account and it was refused. The contract to Hosted seems so tight theres no getting out of it. That has rang alarm bells. Reckon Hosted is going down big time and it is best to lose money and go elsewhere than stay with Reckon Hosted. Reckon Hosted is a dead duck with your customers leaving. You only have to read MMC reviews. I would recommend NO-ONE to sign to Hosted after what I've experienced. Hosted is just a trap.
2 -
Hi all,
We're at the 2 week mark now until mandatory MFA kicks in for Reckon Accounts Hosted.
If you haven't already done so I'd highly recommend thinking about enabling MFA for your Hosted account now so you can get accustomed and familiar with how MFA works, managing it etc before it becomes mandatory and the rush begins on May 15.
If you have any questions or issues with getting MFA setup please let us know.
0 -
Hi Danielle I am wondering why your comments disappeared from Reckon??
1 -
@Barbara Allen-Guthrie while I appreciate it may prove unpopular, as mentioned previously here any posts advocating or promoting circumventing or bypassing MFA will be removed from the Community which is the case in this instance.
0 -
Thanks Rav I did not read that, shame!
0 -
This content has been removed.
-
Thanks for the heads up on that @Danielle Matthews. We'll have a chat internally around that to ensure everyone has a clear understanding of the requirements when it comes to MFA and we're all on the same page.
I'll just reiterate my previous messaging above, while I can understand that you may want to find ways to bypass this additional protection of your data, this is at your own risk and discretion, and we strongly discourage this as it goes against our guidelines, ATO requirements and general cyber-security best practices. I'd strongly recommend to all Community members to refrain from promoting bypassing MFA security as it leaves those users exposed to unnecessary security risks. Any posts advocating or promoting circumventing or bypassing MFA will be removed.
0 -
If the file is always used on the same computer in the same location, even by different users at different times you could always install Reckon Enterprise, which you are entitled to, and download the file from Hosted and use on desktop, that way no MFA required.
2 -
If this is an ATO requirement per se, why are non-Australian users being made to use MFA. We have 11 people using Reckon and are struggling to figure out how to effectively set this up.
Can you have multiple users use one cellphone or is it a 1 to 1 relationship. We are not comfortable asking users to install and setup on their own personal cellphone. Will investigate using a browser-based authenticator.
0 -
I clicked on Enable MFA, and it did not give me any options to enter a mobile number, to scan anything, and said it is now setup! If I click on revoke, it asks me to enter a code from my MFA application - which I didn't set up because I wasn't asked to??!! WTH??!!
0 -
if you use the same login for Hosted and lodging STP in Reckon Gov Connect it will just say all done and you don’t have to do anything else
1 -
Are your 11 users sharing a single Reckon Accounts Hosted licence or do they each have their own licence, and therefore their own login?
If its the latter then each user will have their own individual MFA on their Hosted login. The easiest method for MFA is via mobile but if an authenticator app isn't suitable for your users, would SMS be a better option? Its still via mobile however there is no install or setup required, its simply just receiving a code via SMS to their mobile number.As Kris has mentioned, if you've already enabled MFA on the companion Reckon Portal account that accompanies your Hosted login then all you need to do is enable MFA in Hosted. It'll use the same MFA that you're already using with that Reckon Portal account so there is no setup required.
There is a message notifying you of this in Hosted, screenshot example below.1 -
@Rav - yes this would be the issue, the subscriber of the software has MFA enabled for STP. Will all other users who have separate logins need their own MFA or how will this work?
0 -
Each specific Reckon Accounts Hosted login has its own individual MFA. Please note, this is a login to the RAH service itself, not the company file.
If you're using the same login for both Hosted and the Reckon Portal for STP you can use the same MFA across both which is what it sounds like in your case.Will all other users who have separate logins need their own MFA
If you have your own login to the Hosted service, you will have your own individual MFA that is specific to you.
0 -
💡MFA tip!
Hi everyone
Just wanted to add a quick note here with a little tip as we're seeing more folks start to enable MFA.If you use your Reckon Accounts Hosted login credentials to also sign-in to the Reckon Portal (for sending your STP submissions for example), then all you need to do is click the Enable MFA button in Hosted.
ℹ️ You'll use the the same pre-existing MFA that is already setup from your companion Reckon Portal account so you won't need to go through the setup process.
You'll see the below message if MFA is already enabled on your companion Reckon Portal account.
⚠️ Please note: This only applies to users who login to the Reckon Portal with their Reckon Accounts Hosted login credentials. If you are using a different login for the Reckon Portal eg. signing in with an email address for example, then follow the steps to setup MFA here - How do I setup MFA for Reckon Accounts Hosted? 🔒
0 -
With MFA set up on the mobile phone, what happens if the phone dies completely? What's the process for resetting to another number?
0 -
make sure you keep your recovery pin handy - you can login on a computer and use that pin to reset MFA
0 -
We've got a few ways to revoke the existing MFA set on your account, and there is detailed info on this here - Revoking your current MFA from your Reckon Accounts Hosted account 🔓
0 -
Hi everyone,
We're now in the home stretch with mandatory MFA for Reckon Accounts Hosted just one week away.
We've seen a huge increase in our Hosted users getting a head start with enabling MFA already and if you haven't already done so I'd highly recommend it as well so you can get familiar with it before becoming mandatory on May 15.
We've got some really helpful resources on setting up and managing MFA which I'll link below and strongly encourage you check out 👇
- How do I setup MFA for Reckon Accounts Hosted? 🔒
- Revoking your current MFA from your Reckon Accounts Hosted account 🔓
If you have any questions or issues with getting MFA setup please let us know.
0 -
Hi
I have a tax agent , receptionist and myself required to log in at different times into Reckon hosted for different work related issues. If there is only one phone or app that can receive the code how am I supposed to coordinate all these people? Asking to buy a licence for each user just seems to be a money making strategy. Not any good for small business. Nab connect let users use their individual app or phone to enable multifactor authentication. They do not charge for each user. The licence fee should be for the product and should not be based on the number of users.6 -
I called Reckon to talk to them about our situation with our employees and the best they would offer for 3 people to have the use on the same company file was $860.00 each for the 3 of us. Just not good enough.
We have one Company in which 2 of us as Director's login with the same user license and 1 employee who uses the logs in a couple of times a month to access Reckon and they are asking us to pay $2580.00 for the use of this program for the 12mths. Just not good enough BS actually.
5
Categories
- All Categories
- 6.7K Accounts Hosted
- 17 📢 Reckon Accounts Hosted - Announcements
- 6K Reckon Accounts (Desktop)
- 8 📢 Reckon Accounts Desktop - Announcements
- 1.5K Reckon Payroll
- 39 📢 Reckon Payroll - Announcements
- 15 Reckon Payroll Help Videos 🎥
- 28 Reckon Mate App
- 2.7K Reckon One
- 15 📢 Reckon One - Announcements
- 12 Reckon Invoices App
- 23 Reckon Insights
- 101 Reckon API
- 309 Point of Sale
- 1.9K Personal Plus and Home & Business
- 71 About Reckon Community