Xero two-step authentication will soon be compulsory

No one wants to think about cybersecurity, but the reality is that one in four small businesses experienced a cyber attack or hacking attempt in Australia and New Zealand in 2017*.

Nearly all data breaches start with compromised passwords – and could be easily avoided.

Keeping information secure is fundamental to running a connected business. That’s why two-step authentication (or 2SA) will soon be compulsory on your Xero login.

What is two-step authentication?

2SA creates an extra layer of security to your email and password. It requires you to enter a short-lived code – generated by an authenticator app on your smartphone or desktop – when you log in. You will need to enter the code at least once every 30 days to verify yourself.

When (and why) is 2SA compulsory?

2SA has been available on Xero since 2015. Now, updated requirements from the Australian Tax Office (ATO) have made it compulsory. This means that anyone logging into an Australian organisation on Xero will need to set up 2SA. It will become mandatory on a rolling basis between Tuesday 30 October and Friday 23 November 2018.

Got it. So how do I set up 2SA?

From 16 October 2018, you will see a screen that prompts you to activate 2SA when you log into Xero. Simply press the ‘Set up two-step authentication’ button and Xero will walk you through the steps to strengthen your security.

In the meantime, you can find the latest resources – such as setup guides, frequently asked questions and video instructions for iPhone, Android and desktop – on Xero’s two-step authentication homepage.

If you experience any difficulties, take a look at our troubleshooting page on Xero Central or call Omnis Group’s Xero Certified Advisers in Perth on 08 9380 3555.

* Norton Cyber Security Insights Report 2017 Global Results

Source Xero