Two-step authentication adds an extra layer of security on your Xero account.
- Two-step authentication combines something you know (your email address and Xero password) and something you have (an app on your device creates a code).
- The authentication app on your device creates the authentication code.
- You will need the authentication code each time you sign in (or every 30 days if you've previously selected Remember me for 30 days).
- If you can't access your device, you can still log in using backup security questions.
- Two-step authentication applies to the user level, not organization-wide.