Protect Your Business with Xero and Two-Step Authentication

As a business owner it's important to protect your business and personal information when online. Businesses get subjected to a constant barrage of phishing scams and malicious software attempting to steal user account names and passwords. So it’s vital that businesses everywhere ensure they have strong security practices to keep their information secure. Security is an issue that everyone needs to take seriously.

That's why we recommend two-step authentication for all Xero users. Two-Step Authentication is available to all Xero customers to provide an additional layer of security for your Xero user accounts. This ensures that should the worst happen and your password gets stolen by phishing or malware your Xero account will not be compromised.

When you have two-step authentication enabled you need to provide two authentication “factors” to login, plus your Xero username. The first factor is something you know, your password.  The second factor is a unique six-digit code that’s generated by a separate app on your smartphone. With two-step authentication enabled, only the Xero user with access to that trusted device will be able to log in. This makes it more difficult for unauthorised people to access your data.

If you don’t have your mobile device with you when you need to login to Xero, you can answer the security questions that you set up when you enabled two-step authentication. We recommend that you only use the fallback questions when necessary.

If you require any assistance or have any queries about two-step authentication please do not hesitate to contact us.

For more information and a helpful video from Xero on two-step authentication: