Registry Direct manages your company and investor data and keeping it safe is a high priority.
One of the ways we protect your data is through Multi-factor Authentication (MFA), which verifies your identity when you log in to our platform. To comply with Australian Tax Office (ATO) changes to MFA regulations, from the 1st of February 2023 we will be requiring you to re-authenticate the device you use to log in every 24 hours. Previously when logging in you could skip entering the one-time verification code on a trusted device for 30 days by checking the Remember this device for 30 days checkbox. However to comply with the aforementioned ATO regulations, we have shortened this trusted device period from 30 days down to 24 hours.
Why is the trusted device period for MFA only 24 hours?
The ATO maintains MFA regulations which are designed to increase cybersecurity through a range of measures. These regulations apply to software providers like Registry Direct, and anyone who is accessing our services.
The growth of online services has been accompanied by a rise in cybercrime. Phishing scams are designed to trick people into giving up personal information, such as passwords, through fraudulent emails, text messages or websites. In response to these increased cybersecurity threats the ATO has tightened its MFA requirements. This includes limiting “Remember me" login functionality to less than 24 hours.You can read more about this measure in the "Products controlled by DSPs" section of this article on the ATO website.