- Two-step authentication combines something you know – your email address and Xero password – with something you have – an authentication code created by an app on your mobile device.
- You’ll need an authentication code each time you sign in, although you can set an option to use one code for 30 days.
- If you don’t have access to your mobile device, you can still log in using backup security questions.
- When a user sets up two-step authentication, it applies to that user’s login only, and on any device the user logs into Xero on.
Install an authenticator app on your mobile device
- Download and install the relevant authenticator app for your device:
- Google Authenticator for Android devices, iPhone, iPod Touch, or iPad, and BlackBerry devices.
- Follow the installation instructions provided for your device to add an account.
Set up two-step authentication in Xero
- Go to [Your Name], then click Account.
- Under Two-step authentication, click Setup.
- Open the authenticator app on your mobile device and scan the QR code in Xero.You can also enter your secret key manually and add these details to your authenticator app. Make sure you turn on Time-based if you’re using manual entry.
- Click Next.
- Enter the authentication code provided by your authenticator app into Xero, then click Next.
- Select your three security questions and type answers, then click Next.The security questions can be used as a backup if you don’t have your device or the code is not working.
- Click Done.
The next time you log in to Xero, you’ll need to enter your authentication code in addition to your email address and password.
