New QuickBooks password security requirements – and the unintended consequences

The new password security features of QuickBooks 2016 are having silent but far reaching impact. This is due to the latest release update, R7. Intuit has rolled out the latest QuickBooks desktop security update and the changes have created a growing uproar in the user and accounting communities. Rest assured, your comments are being heard.

Full story is that Intuit has updated the currently supported QuickBooks desktop versions (2014, 2015, and 2016) so that most users are now required to have a complex password – depending on what information is stored in their file. This is a change from before, where you were required to have this kind of password security only if you enabled Customer Credit Card Protection. Now this applies not only if you have enabled the Credit Card Protection feature, but also if your file contains Personally Identifiable Information.

“Personally Identifiable Information” includes:

– An employee record with a Social Security Number, even if not using Intuit payroll
– Any vendor record with a Vendor Tax ID, even if not processing 1099s
– Any bank account in the Chart of Accounts with a Bank Account Number or Routing Number, even if not using online banking
– An Employer Identification Number or Social Security Number in the QB Company Information screen

From the list above, it is understandable how it is very rare to find a QB file that does not have “Personally Identifiable Information”. That is what is causing the new requirement for a password now.

This has brought about several unintended consequences:

  • A hardship in the accountant community where firms have many clients’ books in their office. It creates a new burden to manage many different user passwords and then every 90 days, change them again.
  • QuickBooks add-ons (such as QQube, with which we work great deal) to lose their integrated application connection. This requires support services from the consultant for the add-on to be reconnected to QuickBooks and work again.

One of our CPA colleagues said:

“This is a hardship in the CPA community where we have several clients’ books in our office on a closed network. So, for example in my office, we have three bookkeepers and thirty clients on our internal QuickBooks, that’s 90 different passwords and then every 90 days they have to be changed… ridiculous. And since these clients are on different time periods (monthly, quarterly, annual), the administrative tracking and time spent alone is stupid.”

He goes on, “I have a few CPA friends who are going to research other products if they don’t change it. We despise being treated like children… if we want to take the risk then we should be able to turn it off. We’ve only upgraded a few clients to 2016 so far so for now, we are stopping all upgrading projects until this is resolved.”

These are very significant comments. What has the impact been to you? Anything to add to the list? How do you feel about the changes? If you have not already done so, I strongly suggest to voice your thoughts via inside the QuickBooks Help menu > Send Feedback Online. Comments sent by users and accountants do get read and heard.




Mario Nowogrodzki, CPA.CITP, is founder and principal of Mendelson Consulting (, an accounting technology firm that assists entities with planning, selecting and implementing business management systems. The firm was selected as Top Technologist by the Sleeter Group and Top Integrations Advisor by Insightful Accountant. Nowogrodzki is a member of the Florida Institute of CPAs Business Technology Section; a contributing author and speaker for Intuit, Accountex, and the Woodard Group. Contact him at or at 954-447-0250.

Leave a Reply

Feel free to give us a call.

We look forward to hearing from you!