Xero finally brings in two-factor authentication

By

Uses Google Authenticator one-time passwords.

Online accounting company Xero said it will enable two-factor authentication (2FA) this week, around two years after its customers began demanding the security feature to protect their accounts from unauthorised access.

Xero finally brings in two-factor authentication

Xero head of security Paul Macpherson said the feature would help customers ensure their accounts are not compromised by phishing scams and malware.

"Protecting our customers’ information and business data is our number one priority," Macpherson said in a statement.

“That’s why we’ve enhanced Xero to include another layer of control that will make it significantly more difficult for anyone other than the Xero account holder to access their information."

Xero will use RFC 6238 time-based one-time passwords (TOTP) for the 2FA feature, with customers required to install the Google Authenticator app on their smartphones.

Larger organisations with multiple users can enable 2FA on a per-user basis.

Xero has been slow to respond to "gobsmacked" customers demanding the additional security measure since 2013. Last year, Xero product manager Andrew Tokeley told iTnews 2FA was not a priority to implement for the company compared to other highly requested features.

However, after a phishing campaign in October this year that saw some accounts compromised and passwords reset, Xero Australia managing director Chris Ridd said 2FA would be introduced along with further user security education initiatives.

The company has 600,000 subscribers in more than 180 countries.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:

Most Read Articles

CBA looks to GenAI to assist 1200 'security champions'

CBA looks to GenAI to assist 1200 'security champions'

Australia's super funds told to assess authentication controls

Australia's super funds told to assess authentication controls

NSW Police to embark on $126m IT overhaul

NSW Police to embark on $126m IT overhaul

Woolworths' CSO is Optus-bound

Woolworths' CSO is Optus-bound

Log In

  |  Forgot your password?