Xero Two-Factor Authentication (Xero 2FA): We’ve covered the notion of two-factor authentication (2FA) and multi-factor authentication (MFA) before, especially how you MUST enable it for all sensitive accounts. Personally I include ALL users.
The video provided for Xero 2FA is quite handy, and I’ve included it at the bottom of the page for simplicity. Personally I prefer a handful of screenshots and a few lines of instructions in order to save myself the time it takes to listen to waffle and I end up forwarding past the point that was useful!
We’ll assume you are a Xero user and you are logged in to your Xero account and you want to enable Xero 2FA.
- Click on your name on the top right and go to Account:
- Click Setup under Two-step authentication:
- Download the Google Authenticator App to your phone:
- Open the Google Authenticator App and tap Begin Setup:
- Tap Scan Barcode:
- Allow Access to your camera and point your phone camera towards your screen (forgive the finger):
- In your browser click Next. Use the code from your phone:
- Enter your Authentication Code. In this example the code is 232686. Click Next:
- Complete the three security questions. Click Next:
- Success! Click Done:
My one complaint about Xero is that it does not allow an Administrator or account owner to enforce Xero 2FA for users. Hopefully Xero will take a look at this in the future as access policy enforcement and enabling Xero 2FA should be for all users, be they internal, such as employees adding expenses, or external, such as your accountant.