6 results found
-
Login - Account Settings - Log in to - BUG FIX
Please fix the Account setting for the Log in to preference so that it works as advertised.
Currently the option to log in to "The organisation I was last in" does NOT work as advertised. It will log me in to a seeminly random organisation from the list of my organisations.
I believe that it is logging me into the "Last organisation that ANYONE was in"9 votesHi community, returning back to this idea and connecting with product we've found users in the same situation have often accessed Xero from a saved bookmark.
If you're still running into the same and have saved a bookmarked URL to access Xero we'd recommend removing this, and going to my.xero.com, or login.xero.com to login to Xero.
If the issue persists it's really best for our specialists at Xero Support to investigate further. You can reach them by raising a case through Xero Central.
With issues like this being best looked into with our support team directly we'll close this idea. Please feel free to respond to let others know if the method above helps. Thanks!
-
Salary - restrict access to view salary entries
Stop staff viewing salary information via the contact or the account code, this is a MASSIVE problem and is costing real money right now. I am sure we are not the only business for whom this is a huge problem!
1 voteHi Damien, we'll need a bit more information on your workflow to best understand your needs here, and this would be best raised with our support team directly as a start.
It doesn't look like you've been in touch with our specialists at Xero Support yet, so I'd recommend raising a case with them through Xero Central where they'll be able to get more detail of your processes and if there's any recommendations they can make to help you to censor sensitive information from your staff.
-
MFA | Remove requirement to use
Get rid of this stupid MFA on EVERY sign in.
It used to be monthly which was bad enough, now it is a constant pain having to use an authentication device just to get access to Xero. MFA is a complete waste of user time. My bank doesn't use it and I trust them not to lose my money, so why does accounting software need it?
If the ATO insists on it with their stupid STP, then link it to STP and nothing else.12 votesHi everyone, we appreciate your feedback about multi-factor authentication, and this has been shared with our teams internally. Security and protecting your data is highly important to us and we want to be upfront that we don't have any plans for removing the requirements for logging into Xero with multi-factor authentication.
That said, we're continuing to improve the experience and offering more ways to verify your identity when logging into Xero.
-
User Roles | Individual permissions to use Pay with Wise
1) Limit which users can use this payment system (for security reasons)
2) Limit how much they can pay out at any one time (for security reasons)2 votesHi all, while we removed the Pay with Wise, as a follow on from our last update we wanted to confirm that we have released UK bill payments in Xero.
Customers in the UK can set up direct bank transfer as a payment method for GBP bills to quickly and securely pay bills. Funds are transferred from your bank account by Crezco using open banking. The availability of open banking in the UK has enabled us to offer this on-platform. 🙂- Read more on our Blog
-
Files - Ability to upload any type of file to the library
To make the user able to upload any type of file into the library in Xero.
Purpose: To have more variety of file types that can be uploaded into Xero.
7 votesHi everyone, there’s already a pretty wide range of accepted file types available for upload, listed here. Allowing any file type to be uploaded is not best practice from a security perspective, so we need to manage the file types available. For example, the XML file type can be used to perform a variety of attacks that we want to avoid to protect our customer’s data. For that reason we don’t have any plans to make the XML file type available. If there are other specific file types that you want to see, feel free to start a new idea per file type so we can gauge demand and assess associated risk.
-
Login - Don't Log Me Out/Extend Log Out Time (more than 60 minutes)
Develop the feature where Xero doesn't log user out time is extended for more than 60 minutes when it’s idle.
Purpose: Because having to log in again can disrupt users' workflow, which some users had to be interrupted as they’re also taking care of their business at the same time.
1,057 votesHi everyone, we appreciate the interest surrounding this idea, however we want to be open that we're unable to extend our log-out time past 60 minutes. Xero hold a lot of sensitive information including bank data and we're required to be as secure as online banking.
Any session information running on a web browser can potentially be stolen. If the session does not time out. You then have an infinitely long vulnerability window to session hijacking. Our best option is to keep a tight expiration window on the session cookie, and regenerate them frequently. Even setting a long timeout doesn't help with this - too long a timeout will greatly increase the risk of invasion or potentially jeopardise your personal data and the safety and integrity of the Xero application itself. This is why we maintain control of this.
If we detect there's been no activity on a page (e.g…
- Don't see your idea?