Yes! Theranest needs to implement MFA immediately and allow administrators to enforce password expirations and more stringent requirements. Without this feature we are left open to attacks.

This feature needs to be fast tracked with the Change healthcare cyber attack. All healthcare practices and vendors need to take security seriously!

The password strength requirements are disturbingly low. We would feel much more secure if the requirements were higher (Capital, lowercase, number, AND symbol) and if there was multi-factor authentication. It would also be nice to set password expirations (particularly if you aren't ready/able to set up MFA at this time).

Yes! Great idea.

TheraNest, please take these requests for greater security seriously. Your competitors, Simple Practice and Therapy Notes, have 2FA for sign in. TheraNest is a superior platform, I believe, but has to step up security. 2FA, and personal information should be obscured and revealed only upon entering a security key. Yes, this will cost TheraNest more money, and yes, it will be a hassle for users, but not nearly as much money or hassle as a data breach that includes the most sensitive information. I personally will be using a YubiKey and be keeping my notes on TheraNest of the briefest, medical nature.

Every therapist should read this article when using platforms such as TheraNest:
https://www.wired.com/story/vastaamo-psychotherapy-patients-hack-data-breach/

I would like Theranest to respond as to whether there are any plans to add two factor authentication). This is an important issue and I will likely need to look for other software platforms if it is not going to be added.

You have got to add 2-Factor authentication. Seeing the comment below about MFT insurance requiring that makes me think it is time to bite the bullet and figure out moving to another platform, I have been trying to figure out how else to make my notes and records more obscure in case of a breach. Any suggestions?

Cyber Liability Insurance carriers are requiring MFA attestations for renewal and TheraNest doesn't have the option for this yet. We are in a position of considering another practice management software provider simply because TheraNest no longer meets currently security requirements of the business insurance industry.

Two-Factor authentication at login for providers is a necessary security related feature due to PHI storage.

Yes Please add 2 factor. So important

Can you do something to increase security- dual authorization?

Hi there — I wonder if adding 2-factor authentication would be helpful. All of the data breaches incidents recently is making me a bit nervous. But, maybe theranest isn’t on any scammers’ radar? :D thanks!!

Implement 2FA for secure logging. 2FA has become a staple for highly confidential information systems, such as Theranest. You can implement with Authenticator Apps such as Google Authenticator.

Hi, how are we able to set up multifactor authentication for our account?

I like Theranest, but ignoring the extra security... for so long... not good. It needs to be remedied ASAP! This topic has been brought up for long enough now.

I'm surprised that this was brought up in 2017 and it still has not been added as a feature. It is imperative that this be added asap. Thank you.

After going through some HIPAA training, I'm appalled that this is not required and standard for a program like TheraNest. This needs to be implemented and soon.

Theranest should support mandatory "complex" passwords. Passwords greater than 12 characters in length and require the use of upper/lower case, special characters and numbers. Complex passwords increase overall security of the system.

Doing risk management and mitigation planning this is indeed on top of our list to make certain we are meeting the Security Rule. This will likely become a deal breaker and require us to migrate to another system in the future. Hate to do that with all the training invested.

Our organization has been with TheraNest since 2015. We will have to uproot and move all of our data to another EHR by the end of November 2020 if TheraNest is unable to create multi-factor authentication and also only allow certain devices (IP/Mac) addresses to access our organization account. Insurance companies we contract with are demanding this, it is not an option. Therapy Notes currently offers two-factor authentication. Please make this happen so we don’t have to switch.