Subscribe to our Newsletter

Xero 2 Step Authentication compulsory in Aus starting 11 September

Written by Bryn Robinson • Director
Published on 05 Sep 2018

Xero and Fitzpatrick Group – both champions in Cybersecurity.

Xero further enhances their multi-layer security, making 2 Step Authentication compulsory for payroll administrators and subscribers starting from 11 September 2018. Payroll Admins and Subscribers will only be able to access their account once they have set up 2SA.


What if I am not a Payroll Admin or Subscriber?

All remaining Xero users will be required to set up 2 step authentication by 20 November 2018. This new cybersecurity process has been added to further improve security for users and clients to reflect recent cybersecurity recommendations provided by the ATO.


Will I be able to set up 2 Step Authentication before the compulsory compliance date?

Xero will be sending out invitations on 23 October 2018 to give users a chance to become compliant to prevent time-consuming interruptions in their workflow.


What does 2 Step Authentication mean for my business?

It means added security – an extra layer of protection to ensure that confidential details and information can only be seen by people who are meant to see them.


How does it work?

2SA works by connecting your login credentials to a device that you have access to at all times. This is often your phone. Xero uses the Google Authenticator with a rolling code that changes intermittently.

Once you have logged in to your Xero account – you will be prompted to enter the code found in your Google Authenticator App from your selected device. Enter the code you see on screen to authenticate and complete the 2SA login process. You also have the option to set your login device as a trusted device for 30 days. This will allow you to login on the trusted device without the second step for 30 Days.

If you do select this option it’s important to note that deleting your browser history before the date you authenticated will result in the 30 Day Trusted Device condition to dissolve.

Check out another recent blog in this category.

Bryn has spent nearly 20 years with Fitzpatrick Group Building Better Businesses. Now a Director and also General Manager, Bryn assists our business clients in the areas Accounting, Taxation, and Business Growth.
Authour \u2022 Bryn Robinson

Bookkeeping Manager, Fitzpatrick Group

Need help setting up your 2SA?