Happy to see 2FA for YNAB

Thank you very much for adding two-factor authentication!  Feeling much better about trusting my financial data online with that added level of security.  I second the recommendation to use Authy over Google Authenticator.  Same protocol, many more features. 

Now if only one could delete an existing username/password combination that was previously set and solely rely on Google authentication ...

11replies Oldest first
  • Oldest first
  • Newest first
  • Active threads
  • Popular
    • TechieM2
    • IT Professional and General Geek
    • techiem2
    • 1 yr ago
    • Reported - view

    I use Authy for everything I can as well.

  • Hi Saish Dawg !

    We're happy to hear you're enjoying the new 2FA feature! It's been a long time coming and we love hearing it hit the mark! :)

  • HI!  I understand the need for 2FA and I have it enabled.  My question, and I hate to sound lazy, but how can you set up push notification?  Is that based on the authenticator that you choose to use, or is it how YNAB has 2FA implemented?  

    Getting a code pushed to your phone through SMS or through the authenticator would be a great enhancement to an already important security feature.

    • Hi Purple Tugboat !

      Push Notifications are dependent on the authenticator you choose. I double-checked and Authy offers Push Notifications, while it appears Google Auth does not.

    • Faness I'm using LastPass Auth, and I know it offers push notifications and a way to allow me to Approve in the mobile auth app.  However, I'm not presented with any of those options.  I always have to open my phone, go to the auth app, get the code and type it in ....

    • Purple Tugboat I'm going to check with our team on this one for details and I'll let you know what I find! :)

    • Faness Thanks! I know sometimes it’s frustrating when you roll out a new feature and it seems like it’s still not enough, so take it as just a suggestion for future enhancement 

    • Purple Tugboat We want to continue to improve, so we appreciate you sharing your input - especially on the heels of a new feature! :)

      I've passed this along to the rest of the team so we can look into it as a future possibility!

  • nolesrule It would be if there were  no authentication whatsoever.  My issue is that I would like the option to *switch* from username/password to Google.  However, given I signed up with the former, adding Google simply adds another attack vector (they can discover my YNAB password or my Google one).  The request is to include a checkbox when enabling Google authentication "remove existing YNAB username/password". 

    Having Google-only with 2FA is en effect 3FA, as Google has its own options for 2FA, and would hence be the best option. 

  • Great addition indeed ! I was eagerly waiting for this !

Like3 Follow
  • 1 yr agoLast active
  • 11Replies
  • 169Views
  • 6 Following