topic Re: This new authentication way of logging in is straight garbage in Restaurant Operations

This new authentication way of logging in is straight garbage

tscove — Sun, 02 Apr 2023 17:53:49 GMT

I get what toast was trying to do with logging in mobile, letting your devices security (fingerprint or face) log you in "faster" but it's literally now an EXTRA step to login EVERY time.

Why if I authenticate with my fingerprint, do I STILL get the captcha stuff? How dumb is that, I just proved I am not a robot, also it's not integrated into my phones platform so it doesn't of course just populate my authentication then login no, my phone has to ask if its okay every time then loads to a new screen then of course can't forget the Captcha my god no what if the robot's got my face somehow.

Seriously, the webapp isn't great but logging in before was at least somewhat easy. How long do we need to wait till there is a dedicated app for us to check/see toast reports? Square and Lightspeed both have these and they're slick as all get out. Toast could do this if they want but they just continue to not or say "oh we're working on one" bull.

Please, I am begging you, make it faster to login on mobile. Cut the incessant captcha stuff after it's been even an hour. Even my bank in't that bad.

/rant

Re: This new authentication way of logging in is straight garbage

rcmck — Sun, 02 Apr 2023 19:01:00 GMT

I haven't seen a captcha since I set it up (on up to date chrome at least) only when logging in on a new device.

Re: This new authentication way of logging in is straight garbage

josh212 — Thu, 06 Apr 2023 13:28:43 GMT

I turned off two factor… I must do 45 captchas a day…you need to allow window management and redirects

Re: This new authentication way of logging in is straight garbage

escoop — Sat, 01 Feb 2025 22:03:08 GMT

I LITERALLY had to do two factor authentication JUST TO REPLY TO THIS POST, even though I'm ALREADY LOGGED IN!! It won't let me disable it for my account...says it is required. Every time I'm logged off in the day (which happens every time my computer sleeps, which is a lot,) I have to go through this whole rigmarole all over again. STOP THE MADNESS and turn this thing off, or at least let me turn it off. I don't have time for this all day long!!

Re: This new authentication way of logging in is straight garbage

escoop — Fri, 07 Feb 2025 21:40:41 GMT

If you have financial access you can NOT turn it off!!! UUGH!

Re: This new authentication way of logging in is straight garbage

tinathom — Sat, 08 Feb 2025 03:23:02 GMT

I wish Toast would stop with the "improvements." This makes logging in so much harder and ridiculous when you have the system pulled up on several monitors throughout the restaurant. Always had the two step on Toast payroll, which I understand, I guess, but now they have combined the portals. One password and 2 step every time you log in in back office. It can't be removed apparently. If you are on the fence about Toast payroll, understand you'll have to use 2 step authentication every time you use back office. I wish I never enrolled in Payroll. This level of security is absolutely not needed for back office.

Re: This new authentication way of logging in is straight garbage

tinathom — Sat, 08 Feb 2025 03:23:56 GMT

Same!!

Re: This new authentication way of logging in is straight garbage

rcmck — Sat, 08 Feb 2025 03:47:35 GMT

It absolutely is needed. You are saying you have an account with financial access just logged in on several computers throughout the restaurant? You should create an account with only the permissions that are needed for what you are doing with it, then you can turn off two factor for that account.

Re: This new authentication way of logging in is straight garbage

tinathom — Sat, 08 Feb 2025 06:59:01 GMT

Maybe you didn't have a chance to read through the thread, instead of reacting to my last sentence. It was all Toast that combined the information. Payroll and back office used to be separate. And I can't turn anything off anywhere since I use Toast payroll. So maybe you run your restaurant and I'll run mine. I won't tell you what you absolutely need to do, and I'd appreciate the same.

Re: This new authentication way of logging in is straight garbage

rcmck — Sat, 08 Feb 2025 19:38:39 GMT

I read it, I was suggesting a way to avoid the two factor. https://doc.toasttab.com/doc/platformguide/intAdminMfaEnablingAndDisabling.html was just saying that the two factor requirement from toast is needed, you can change your bank accounts from the backend with those permissions.

Re: This new authentication way of logging in is straight garbage

escoop — Sun, 09 Feb 2025 06:46:38 GMT

Gosh, just to participate in this thread, I had to multi factor AGAIN!. THIS SUCKS! Every time my computer sleeps, which it does all day for SECURITY (Yup, can you believe it? I was already doing just fine securing Toast access on my own) I get logged out of Toast and have to multi factor back in. What a waste of time! Check out this screenshot! Somebody at Toast, STOP THE MADNESS!

Re: This new authentication way of logging in is straight garbage

Rob — Tue, 11 Feb 2025 00:41:52 GMT

Hey, I’m sorry to hear about the issues you’re experiencing with the back-to-back authentication. I personally haven't dealt with this myself, and it seems that some other community members haven’t encountered this problem either. Perhaps there’s something that can be done to prevent it. Have you reached out to support regarding this? If so, could you please provide me with the case number? I would like to use this as a reference to see if we can find a solution.

Re: This new authentication way of logging in is straight garbage

Penguin_Meg1 — Tue, 11 Feb 2025 23:03:48 GMT

escoop:

All I can say is I feel your pain. I have started a case # with Toast support voicing my frustration because my managers are all pretty upset with this login situation. For us it has shown to be less secure and not functional in a restaurant environment so I feel like there must be some ways we can play with permissions so the multi authentication doesn't have to affect ALL my MODS.

I plan on calling Toast daily, if time allows, to be the squeaky wheel and hopefully get this issue escalated. If I get any new information I'll come here to update.

Re: This new authentication way of logging in is straight garbage

Penguin_Meg1 — Thu, 13 Feb 2025 20:21:33 GMT

I'm sorry this info isn't more helpful but it's what I've found out at this point.

After much time spent on the phone with Toast POS and Toast Payroll there is not a way to turn off multi-factor authentication for people who do not have access to financials, because they are making it so that everyone who logs into TOASTTAB will have to have the multi-factor login regardless of their permissions.

My main concern is that this switch over has made my Toast Payroll account that is HR+ much LESS secure than it was before due to the fact that Toasttab does not automatically log out if it's been inactive for a period of time. If Toasttab doesn't logout then Toast payroll doesn't logout. This is much less secure when you have MANY managers using the same back office computers.

My managers are also having a lot of issues with Toast Login allowing them to login at all. It get stuck in a loop of login process.

I have a case number open that I am using as a reference and submitting a feature request daily for the issues to be solved with some urgency.

Re: This new authentication way of logging in is straight garbage

KellyLynn01 — Fri, 21 Feb 2025 00:02:55 GMT

You're right, it is a fairly long process to log in, but the way I look at it is that Toast is helping not only protect my business's security, but the security of all my employees information (bank account numbers in payroll, tax forms, etc). I know this isn't the solution you were looking for, but it really does help to think about it in the way that I know we're doing everything we can to keep us all safe!

Re: This new authentication way of logging in is straight garbage

Penguin_Meg1 — Fri, 21 Feb 2025 16:05:06 GMT

I don't expect Toast to care about he how inefficient of a system it is when it comes to security. Protecting our information is top importance. My problem is that it has made things MUCH LESS secure. I have and will continue to put in customer care cases with Toast support until something changes. The way it is less secure, is if someone forgets to logout or steps away from the computer and how Toast Payroll and ToastTab are now linked.

Let me explain:

I know most restaurants operate under these circumstances. Many managers using the same back office computers- Assistant Managers to ADMIN using the same computers at different times. Restaurant people also don't spend a lot of time at the computer, they need to jump onto toasttab to pull numbers from sales summary, or review time entries, product mix reports, lookup a ticket. Most things are about 5-10 min on the computer and then jumping off it, usually under a time constraint. And about 50% of that time you're on the computer you get interrupted because of one thing or another (customer issue, repair issue, staff issue, etc.).

If a manager forgets to close out their toasttab then payroll is now accessible through their toasttab and toasttab doesn't TIME OUT. Toast Payroll used to time out and close out if you were inactive for 15-30 min. Toasttab however just stays open. So it doesn't matter if there is a mulit-factor authentication if toasttab is left open for any reason everything is open for whoever sits at that computer next.

I have seen this happen in multiple ways. Here is one: My general manager logged into her toasttab to do the drawers at night and got pulled away at the end to take care of a closing issue and forgot to log out. The computer went to sleep and I came in the next morning and her toasttab was still open. I wanted to test the security. I clicked on the payroll link in her toasttab and no problem it opened up her payroll account which is an HR+ and asked for no multi-factor authentication. I then closed the browser tab with toast payroll. Went back to toasttab and logged her out. I logged myself back in with multi-factor authentication in toasttab. Clicked on Toast payroll and once again HER TOAST PAYROLL access opened up.

The are a few more examples that I have given to toast that are just as alarming.

I am saying all this because I am pleading with Toast POS and Toast Payroll almost daily to fix this serious lack of security. Toast listens if we speak up as customers. They are made for restaurants and they change to make us better. This change is not better and the more I can be a squeaky wheel I will do it. As much as the login process is inefficient that is not the point.

Toast engineers, this system has had unintended consequences that can be solved by making Toasttab time out of sessions.

Re: This new authentication way of logging in is straight garbage

escoop — Fri, 21 Feb 2025 16:23:14 GMT

It is my understanding (but totally willing to accept that maybe I have it wrong) that if we have financial "access" or "approval" levels, then we can NOT turn off the two factor. If there is a way, please help me. I don't want to have two separate logins (one with financial access and one without) as that defeats the purpose of easy access. If I do that, then I'll be logging in and out of accounts throughout the day! yikes!

Last night again, I had to do it over and over and over. And after I'd already done it a bunch, I had to do THREE more within 30 minutes...one to get onto the community, another when I clicked a link in the community and again to go into Toast to make my correction. I'm losing my mind here! (See attached screenshot showing RIDICULOUS number of multi factors in one night.)

Re: This new authentication way of logging in is straight garbage

Penguin_Meg1 — Fri, 21 Feb 2025 16:47:12 GMT

You're totally right. Initially, someone told me that if you DON'T have access to financials you could turn multi-factor off but then later I spoke with another rep that said everyone that has a toasttab login has to have it regardless of access levels. From what I have found out, 2 separate logins will not help, you'll still have to have the multi-factor login. I'm sorry.

You sound exactly like all of my managers, they're pulling out their hair trying to do simple tasks. Please put in customer care cases and try to make Toast aware of your struggles. They really do listen and make changes if there is enough support and logic behind needed changes.

Re: This new authentication way of logging in is straight garbage

rcmck — Fri, 21 Feb 2025 16:57:59 GMT

You can definitely turn off multifactor if you make an account that doesn't have any of the required permissions, I have a couple of them setup for basic needs in the office.

Re: This new authentication way of logging in is straight garbage

Penguin_Meg1 — Fri, 21 Feb 2025 17:02:56 GMT

What are the basic office needs that you have those accounts set up to do? I have tried altering permissions for the most basic access levels for my assistant front of house manager that basically needs to do labor (checking clockin and outs) and sales summary for pm drawer counts. It still does not allow for turning off multi-factor authentication.

I was initally told that if the employee doesn't have permission 8.1 & 8.7 then they could turn it off. That proved to not work. Upon calling again they customer care agent said ALL toasttab logins are going to be required to have it regardless of permissions.