Get 50% OFF QuickBooks for 3 months*

Buy now
United States United Kingdom Australia Canada (English) Canada (French) France Singapore South Africa Global Ireland
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements
Work smarter and get more done with advanced tools that save you time. Discover QuickBooks Online Advanced.

Reply to message

View discussion in a popup

Replying to:
SecurityGuy
Level 2
‎February 23, 2020 01:49 PM

Reply to message

Even major governments that move at glacial speeds recognize that forced password expiration does not improve security.

 

QuickBooks is becoming infuriating every time I switch between companies.

 

First, on a properly secured computer with an encrypted hard drive, QuickBooks password adds absolutely no additional security.

 

Second, users should decide if they need a password, not QuickBooks.

 

Third, if you're going to ram it down our throats, you could at least adopt modern password guidance.

 

https://pages.nist.gov/800-63-3/sp800-63b.html">https://pages.nist.gov/800-63-3/sp800-63b.html

 

https://jumpcloud.com/blog/nist-800-63-password-guidelines/


https://www.canada.ca/en/government/system/digital-government/password-guidance.html


https://www.ncsc.gov.uk/collection/passwords/updating-your-approach

 

And please don't even bother to mention PCI DSS.  PCI are dinosaurs and their standard has done virtually nothing to prevent data breaches involving payment cards. 

Reply Join the conversation

Need to get in touch?

Contact us