Today Xero notified all advisers that all Xero users will be prompted to set up Two-Step Authentication (2SA) by Friday November 23, 2018. This is in response to the ATO mandate earlier this year.
Most cyber attacks are easily avoided
No one wants to think about cybersecurity, but the reality is that one in four small businesses experienced a cyber attack or hacking attempt in Australia and New Zealand in 2017*. Nearly all data breaches start with compromised passwords – and can be easily avoided.
The introduction of 2SA can feel like an unnecessary change for some. But, keeping up with best-practice security is a vital part of staying safe and responsible in business – and 2SA is a mandatory requirement from the ATO.
When you log in to Xero from October 16 onwards, you will see a prompt and instructions to set up 2SA on your login. Your mobile devices will also use this security to log in.
Minimise your risk of cyber attack
- Set up an alternative email in case you need another way to verify who you are;
- Keep your software up to date (including the apps on your phone);
- Keep your login details to yourself; and
- Use strong, unique, private passwords (not your cat’s name!)
Manage your Two-Step Authentication either by phone app (which generates a unique 6-digit code), or by nominating an email address to receive the code. Either way, you can select the option for your software to remember the authentication for 30 days. This only applies to the device and browser you are accessing your accounting software on.
Check out the Xero community discussion here for more!