Xero Mandatory Two-Step Authentication

This one is for all Xero users.

At present Xero has optional two-step authentication. In simple terms, 2SA adds another level of security to your Xero information. That is about to change. Whether you like it or not, it is about to become mandatory.

What is two-step authentication?

Your email address and password will require a six-digit number that is generated by an app (most commonly Google Authenticator) installed on your phone or tablet. There are alternatives (winauth) if a phone app is inappropriate.

What is the timing for mandatory 2SA?

2SA became mandatory for subscribers and payroll administrators across Australia on September 11. By the end of this year, every customer with access to Xero in Australia will be required to take up 2SA.

Is it hard to do?


Are there any problems?

Magnus has been using 2SA since it was made available in December 2015. We have had the occasional synchronisation issue but generally works really well.

Useful links



View more blog articles