No password, no problem! Retiring passwords and introducing magic links

Options
2»

Comments

  • cam
    cam Expensify Customer Posts: 4 Expensify Newcomer
    Options

    I guess Expensify are just assuming we'll all give in and this pathetic system will be normalised. Completely disgusting response to customer concerns.

    Flag · Accept Answer Off Topic Insightful 1Vote Up Awesome
  • era428
    era428 Expensify Customer Posts: 1
    Options

    Worst idea ever. this has made using the app a PITA

    Flag · Accept Answer Off Topic Insightful 2Vote Up Awesome
  • TheTransplant
    TheTransplant Expensify Customer Posts: 1
    Options

    Adding my voice to this.

    1) Who decided that this was a good option - were the users involved? The first post looks like it was a unilateral decision?

    2) I practice inbox zero and abhor email. No option to get a text code? Faster and on Mac very convenient.

    3) No use of Apple, Google or other unified login to avoid this annoyance?

    However, it doesn't matter anyway as I have to use Expensify as mandated by the company, and perhaps you know that?

    Flag · Accept Answer Off Topic Insightful 2Vote Up Awesome
  • NaomiC
    NaomiC Approved! Accountant Posts: 1
    edited August 2023
    Options

    I agree with all of the above

    My prior work flow:

    1) click on password manager & type "expensify" <PWD manager goes to expensify & logs me in>

    2) Enter MFA from phone.

    Now:

    1) click on password manager & type "expensify" <PWD manager goes to expensify & enters my email>

    2) Switch tabs & go to email

    3) Open email & copy number

    4) switch tabs back to Expensify, paste number

    5) Enter MFA from phone

    To some, the extra steps for getting a code from email may seem like not a big deal. To our staff who already are hesitant on doing expense reports...?? Well... let's just say

    "Expense reports that don't suck" just became "This sucks. Not doing it"

    Flag · Accept Answer Off Topic Insightful 2Vote Up Awesome
  • turbo2ltr
    turbo2ltr Expensify Customer Posts: 2 Expensify Newcomer
    Options

    "Our focus is protecting your Expensify account. It’s essential to lock your devices and use multi-authentication measures wherever possible. "

    So what you are saying is Expensify is abdicating security of Expensify accounts, telling us to use the industry standard security practices on our email, instead of doing the work and building their platform with an industry standard solution themselves. Got it. Makes perfect sense. "Oh your Expensify account was compromised? Sorry, I guess your IT people didn't secure your email using proper methods"

    I think this should be nominated for the worst security policy decision ever.

    Flag · Accept Answer Off Topic 1Insightful 2Vote Up Awesome
  • bengber
    bengber Expensify Customer Posts: 3 Expensify Newcomer
    edited September 2023
    Options

    Another vote for bringing back password authentication. I have no objection if 2FA is required, but the current solution is problematic.

    Flag · Accept Answer Off Topic Insightful 2Vote Up Awesome
  • corbin
    corbin Expensify Customer Posts: 1
    Options

    Please bring back the password. The magic code system is terrible, for many many reasons (security being a big one).

    Thanks, Corbin Dunn (Software Engineer)

    Flag · Accept Answer Off Topic Insightful Vote Up Awesome

Categories