MFA | Add support for Yubikey
Please can you add support for Yubikeys, the development webpage is here:
Thanks for sharing with us here, everyone. We appreciate why you'd like simpler methods to improve efficiency when logging in to use Xero.
Our product team have started some work to enable logging into Xero using passkeys. As mentioned in some of your comments, this'll support Yubikeys by default.
For now, we'll move this idea to Under review and I'll come back to keep you updated on the latest news for this feature.
-
Kirsten Crutchley commented
Second all comments below, this is an essential addition.
-
Jason Loeken commented
Please Add Fido2 authentication as this will speed up MFA and 2FA auth.
it will work on phones via NFC contact of the key to your phone and with workstations you need to tap the sensor. we use it for all our other security MFA applications.
- Faster to log in
- Most secureFIDO2 is the best...
-
John Crane commented
A core driver for cyber criminals is to steal money. It should be a standard offering to have a hardware based, phishing resistant authenticator like Yubikey on a financial system. Please take this seriously Xero.
-
Ben Curthoys commented
I just got a pair of Yubikeys because AWS was nagging me constantly for MFA and I worry about losing my phone.
Did not occur to me to check in advance whether Xero would support Yubikey, I just assumed it would, and I'm honestly shocked and a bit embarrassed for you that you don't.
-
Iain Elder commented
Just started using Xero.
Every time I log in it wants me to set up MFA.
Yubikey is my preferred option here.
-
Stephen Gallaher commented
Support for hardware security keys like Yubikey would significantly enhance security of Xero. Because we are storing sensitive financial data, we need to have strong control over access that security keys provide.
-
John Moseley commented
We want to make use of the Yubikey solution to improve the security of access to Xero.
-
Joe McBrien commented
100% agree
-
Noel Dixon commented
I just purchased a set of Yubikeys, so this would be a great option, yet I thought it would have already been available? This request may perhaps go the way of the years long requests for dark mode.
-
Bob Anderson commented
+1 please add this option to make access to Xero more secure.
-
Nigel Herring commented
Time to get ahead of the curve Xero. Provide support for Yubico. Customers don't want multiple processes or proprietary keys. One key for everything. Get it happening.
-
Dion Morrow commented
Would realy like to use the yubikey to authenticate
-
LOXAM AUSTRALIA commented
Given that MFA is mandatory with Xero - I would expect by now hardware would be included as an option, being the most secure way to authenticate. Making another app for TOTP and ease of login doesn't quite cut it unfortunately.
-
Alan Turner commented
Yubikey support has been requested many, many times on the community forum, and Xero continually refuse, which I find very surprising.
The community forum thread requesting it seems to have been deleted with the introduction of "Product Ideas".