Buggy MFA and Authentication Flow on Quickbooks Online and Intuit
I've noticed a couple technical bugs, related to the overall mfa authentication flow, when using QuickBooks Online.
It seems there have been some changes pushed recently but they are a bit buggy and not unified.
I've selected "2fa authenticator app" to be my primary second factor verification method:
Issue 1:
I don't get that option to verify my identity when updating account managers.
Issue 2:
When I sign in, I only get the authenticator app for 2fa if I use the email and password option. If I request a code to be texted I get an email code for my 2fa instead of the authenticator app, which isn't even an option I can select in the 2-step verification page.
As a user because I've selected authenticator app as my primary 2fa I expect that to be consistent across all mfa requests.
Wondering what's the best place I can report these bugs, and a few others, and provide some further feedback for improvement?
To me it seems like verification, MFA, 2-step etc are not unified between Intuit and Quickbooks. I'm getting the sense that these are being handled differently, depending on how the flow was started, and If I am honest it's really causing me doubt about whether the auth and mfa methods have been implemented correctly to begin with, and it seems like a sort of by-pass of the selected 2fa methods depending on which flow was taken.
I use QuickBooks a lot and it contains important and sensitive data for myself, employees, and my company and I want to be confident in the systems I am trusting with this data.
My company consults in Development, Operations, and Security, so I am aware of the time, effort, and requirements it takes to improve these types of systems.
Please let me know how I can best provide this additional feed back and share any other details needed.