Xero two-step authentication will soon be compulsory

Nearly all data breaches start with compromised passwords – and could be easily avoided.

No one wants to think about cybersecurity, but the reality is that one in four small businesses experienced a cyber attack or hacking attempt in Australia and New Zealand in 2017*.

Keeping information secure is fundamental to running a connected business. That’s why two-step authentication (or 2SA) will soon be compulsory on your Xero login.

What is two-step authentication?

2SA creates an extra layer of security to your email and password. It requires you to enter a short-lived code – generated by an authenticator app on your smartphone or desktop – when you log in. You will need to enter the code at least once every 30 days to verify yourself.

When (and why) is 2SA compulsory?

2SA has been available on Xero since 2015. Now, updated requirements from the Australian Tax Office (ATO) have made it compulsory. This means that anyone logging into an Australian organisation on Xero will need to set up 2SA. It will become mandatory on a rolling basis between Tuesday 30 October and Friday 23 November 2018.

Got it. So how do I set up 2SA?

From 16 October 2018, you will see a screen that prompts you to activate 2SA when you log into Xero. Simply press the ‘Set up two-step authentication’ button and Xero will walk you through the steps to strengthen your security.

In the meantime, you can find the latest resources – such as setup guides, frequently asked questions and video instructions for iPhone, Android and desktop – on Xero’s two-step authentication homepage.

If you experience any difficulties, take a look at the troubleshooting page on Xero Central or call Carrick Aland’s Xero Certified Advisers in Dalby, Toowoomba or Chinchilla on 07 4669 800.

* Norton Cyber Security Insights Report 2017 Global Results

Source Xero