Xero - beautiful accounting software

Xero Business Help Center

Xero Business Community

Community > Feature Requests >
104
Vote

Two Factor Authentication on Xero login

Started by David Loeffler -   in Feature Requests | To Be Scheduled

I'd really like to see Xero introduce the option of two factor authentication as Google and Dropbox have done. While I love Xero, as it's footprint becomes larger and larger, security could become an issue.

For those who don't know 2FA is an additional layer of security on top of a username and password, whereby a one-time password is generated for the user to input with each session (or even per machine).

Given the sensitive nature of the information people hold on Xero (bank account information, payroll data etc), I believe more security is better than less security.

Having 2FA as a pre-emptive measure could be very smart i.e. before something happens.

Both Dropbox and Google make it easy by allowing you to use Google Authenticator or SMS to enter in a one-time password. This is something that could be considered.
Official Xero Reply
Hi, I'm Paul, the Head of Security at Xero.

As Kirk mentioned above, we were analysing the options for 2FA back in 2013 but this was parked while we addressed other priorities. After revisiting this it's now been assigned to a business analyst to work through the next phases of designing a solution. We can't give you a time frame for delivery right now but will update you once designs are completed and we have a development team ready to go.

The security of Xero and our customers is important to me and we're expanding the security team to make sure your concerns are addressed.
 

Paul M (Xero Staff)