Add in option for two-factor Authentication (2FA)



  • TylerTyler Member Posts: 2

    I work for an IT management company and 2FA is essential for us securing our clients. It's absolutely mind blowing that a cloud based financial company has not implemented any sort of 2FA.

  • DavieWavyDavieWavy Member Posts: 2

    Yea, reading through this thread worries me. Does Wave see a future for their product? At least offer 2FA as a paid option.

  • Dave_DDave_D Member Posts: 2

    I don't understand how this thread has been going for over a year, and everyone from the company keeps saying they have no ETA on this. It's 2020, and hacks are a daily event. I cannot in good conscience continue to allow my banking data as well as my customer's credit cards and other data to be accessible to any 14 yr old with some spare time.

    All these comments from the company saying they have no ETA? Pick up the phone, and call whoever it is that is in charge of that department, and get an answer. If they're not working in it, say so. If they are working on it, they have an ETA, what is it? I'd rather know you were working in it, and you don't make the ETA, instead of having to make the obvious assumption that you are putting no effort into this at all. I don't think I need to list all the far less important websites that already offer 2FA as an option.

    What is the problem here? Resources? Capital? Leadership? Decision making?! What??!

  • AlexLAlexL Administrator Posts: 1,725 admin

    Hi everyone. We do think MFA is important which is why we've begun discussion around how this can be added to the software. With this being said, I don't have any sort of ETA on the feature, but this is something that the team will continue to discuss so that we can work on when and how to add it.

    edited May 22, 2020
  • FlorianFlorian Member Posts: 1

    Sorry Alex, but nowadays all replies from your team are "We don't have any ETA" or "We do not currently plan to support X feature". I feel I haven't seen a single change in Wave Apps since "The 2018 rebrand". Basic features are still missing, no matter how much people complain here.

    • 2FA? We don't have an ETA.
    • Being able to reorder or add lines between existing lines in an estimate? Not a priority.
    • Translating basic column headers in invoices? Keep the feedback coming, we love your ideas!
    • Set your own text as default payment reminders? Thank you for bringing that to our attention.

    I'm not sure if your business model is preventing you from putting development efforts where users desperately need them, or if you are just out of touch with your users... Right now, I cannot in good conscience keep using your solution. It's unsecure, I'm losing precious time manually editing payment reminders every time I have to send one, it takes me 5 minutes to add a simple line at the top of an existing estimate, and I cannot get my invoices to comply with my country's language laws. So... after years of frustration, it's time for me to say goodbye and leave what I believe is a sinking ship. I've subscribed to InvoiceNinja which natively supports most of the things your users are requesting in these forums...

  • WonderWonder Member Posts: 17

    Any updates on 2FA? It's been a while since this last post?

  • AlexLAlexL Administrator Posts: 1,725 admin

    Hey @Florian , I understand exactly where you're coming from. I can shed a little bit more light on this process as a whole.

    With different business types come different software needs from different users. We're constantly expanding and iterating on our software so that we can grow it while continuing to offer new features and functions. Being a company that specializes in a number of different products (accounting, invoicing, payment processing, payroll) it can sometimes be difficult to give users exactly what they need especially when they use Wave for a very specific product/reason.

    With this being said, we understand that you need to do what's best for your business and that Wave may not meet your needs at the moment. We definitely don't want to be the reason that your business isn't able to grow and flourish the way it should and we encourage you to make the decisions that you think are right for you. I do apologize however if the updates you've been looking for haven't yet happened, but my hope is that we can continue to grow the platform in the future and offer all of our users all of the features that they're looking for.

    Please continue to check back in the future to see if these vital features have yet been implemented into the software :smile:

    Thank you as always for your support!

  • Dave_DDave_D Member Posts: 2

    I do appreciate you taking the time to address these comments and I'm not blaming anyone at the company individually, but I think I have to agree more with Florian above, you have been saying the exact same thing for 2 years with no progress. Either move forward with something, or just say you're not doing it. There's zero reason ANY company needs to take 2 years before even testing 2FA in some kind of beta mode. It has nothing to do with any of your products, only the login. This is not rocket science, it's a 1 month job (at most!) for a single reasonably competent programmer, not 2 years with a team, and zero progress. Come on.

    After 2 years, I think it's time to update your canned response to the question. Either you haven't been working on it at all in the last 2 years, or you need to fire your incompetent programming department. There are turnkey solutions for this if you lack the programming expertise.

    I would be (am) annoyed if you just haven't felt like you need to get this done, but I would leave your platform in a heartbeat if I found out you've actually been working on this for 2 years and were unable to make it work, that's just incompetent. I don't think that's the case here, but, your current reply seems geared towards proving me wrong.

    What's the problem/hold up here?! How many data breaches of financial information have to hit the news before you think this should be some kind of priority?

    You get 1 point for at least reading the forums and responding to your customers, but, the regurgitation of the answer from 2 years ago, forces me to take that point back again.

    Very frustrating...

  • MartinGfisherMartinGfisher Member Posts: 2

    Exactly what form of data loss do we have to suffer to persuade you that we want, that we NEED 2FA? I struggle to believe that after two years you guys DONT see this as a priority. Let me tell you the lack of robust security will be sufficient for me to bite the bullet and leave Wave this year.

    edited June 10, 2020
  • CalliePCallieP Administrator Posts: 216 admin

    Hi @MartinGfisher , thanks for your comment. To clarify, two years ago we used a different banking partner, and so any progress which was made toward enabling 2FA on the provider is now moot. On our new partner, which we switched to in January 2020, we have once again begun this journey. Overall this new partner provides more secure & reliable connections long term. Thanks for your patience as we continually re-evaluate how best to approach bank connections in Wave.
    If you have concerns about security as well, we have a public-facing outline of everything Wave employs to keep your data safe when using Wave, which you can find here:
    Lastly, I removed the naming of a competing company in your comment as it doesn't comply with our Community posting guidelines.

  • MartinGfisherMartinGfisher Member Posts: 2

    So we're 6 months down the line from you switching providers. I find it hard to believe that your new provider doesn't already have the makings of a 2FA solution already in place for their other, more security-conscious corporate customers. I agree with other correspondents that this is a 1-2 month implementation. 4 months max if you want a really robust live trial on a small number of live clients.

    Seriously, take it to the Leadership team, you're hurting your business by dragging your feet in this way. Don't believe me? Just do a survey to see if people want it then give Ideshini Naidoo 3 months to implement. My guess is she will nail it in rather less.

    I don't mind that you removed the competitor's name though I find it curious that you didn't do so on other peoples posts. It is with regret that I will now be having to look elsewhere.

  • charleschiucharleschiu Member Posts: 1

    I am shocking to learn that WAVE does not yet support 2FA. With the reality that cyber security incident continues raising and events happened more and more frequently, 2FA really should be a requirement. This makes me wonder if I should start looking into other alternatives.

  • oliveoil109oliveoil109 Member Posts: 1

    Wave Apps - PLEASE add 2 factor auth. Even has two factor auth, as well as Zipbooks. Please add it, we need security on this site for all our data.

  • oliveoil109oliveoil109 Member Posts: 1

    It's very important to have 2 factor auth. My bank was compromised as well, not sure if it was bc of wave or somewhere else, but I don't understand. Even has two factor aut

  • WisecompanyWisecompany Member Posts: 4

    @AlexL said:
    With different business types come different software needs from different users.

    2FA is one of those things that benefits every business type and every different user, including WAVE!

    I constantly find myself wanting to recommend Wave to people, but my business is IT consulting and managed services. I cannot in good conscience recommend cloud services (especially an accounting service) that don't have 2FA. It is literally costing you customers.

    I too appreciate feedback from Wave in this community, but actual action on a critical piece of security would be better.

Sign In or Register to comment.