Settings and activity

2 results found

1. Practice Manager - Audit trail for client history

   296 votes

   vote vote vote

   We're glad you're here

   Please sign in to leave feedback

   Signed in as (Sign out)

   Close

   Close

   vote

   We’ll send you updates on this idea

   32 comments  ·  For accountants & bookkeepers » Xero Practice Manager  ·  delete…  ·  Admin →
   How important is this to you?

   Not at all You must login first! Important You must login first! Critical You must login first!

   We're glad you're here

   Please sign in to leave feedback

   Signed in as (Sign out)

   Close

   Close

   Submit Rating
   Accepted  ·  AdminKelly Munro (Community Manager, Xero) responded

   Hi everyone, thanks for sharing on your needs for a comprehensive client audit trail in XPM. We understand this feature is critical for accountability and data integrity, and we hear you on the pain points this is causing.

   As you might've read and heard updates of our teams are currently working on a unified experience across practice tools with the Xero Partner Hub.

   History of client changes aren't wrapped into the initial work, but this is something the team would like to look at longer term and for now we'll move the idea to Accepted. Once Xero Partner Hub is fully released we can consider and will share any updates around history with you all here

   An error occurred while saving the comment
   Susan Edwards commented  ·  22 November, 2024  ·  Edit…  ·  delete…

   Think this is critical info for practices to know when the client accounts were created.

   Save Submitting...
   Susan Edwards supported this idea  ·  22 November, 2024

2. Login - Don't Log Me Out/Extend Log Out Time (more than 60 minutes)

   1,071 votes

   vote vote vote

   We're glad you're here

   Please sign in to leave feedback

   Signed in as (Sign out)

   Close

   Close

   vote

   We’ll send you updates on this idea

   403 comments  ·  For small businesses » Settings & user roles  ·  delete…  ·  Admin →
   How important is this to you?

   Not at all You must login first! Important You must login first! Critical You must login first!

   We're glad you're here

   Please sign in to leave feedback

   Signed in as (Sign out)

   Close

   Close

   Submit Rating
   Not in pipeline  ·  AdminKelly Munro (Community Manager, Xero) responded

   Hi everyone, we appreciate the interest surrounding this idea, however we want to be open that we're unable to extend our log-out time past 60 minutes. Xero hold a lot of sensitive information including bank data and we're required to be as secure as online banking.
   Any session information running on a web browser can potentially be stolen. If the session does not time out. You then have an infinitely long vulnerability window to session hijacking. Our best option is to keep a tight expiration window on the session cookie, and regenerate them frequently. Even setting a long timeout doesn't help with this - too long a timeout will greatly increase the risk of invasion or potentially jeopardise your personal data and the safety and integrity of the Xero application itself. This is why we maintain control of this.
   If we detect there's been no activity on a page (e.g move movements, clicks, keyboard) for 10 minutes you'll receive an inactivity prompt ('Hey Kelly, are you still there?') and if your session reaches 60 minutes you'll be redirected to the login page. 

   • As a suggestion you can periodically refresh the screen <F5> to prevent the security timeout kicking in.

   In more recent comments here it sounds like some of you are having issues with the login process or staying logged into Xero for less than 60 minutes. If you're experiencing unexpected behaviour, we'd highly recommend raising a case with our team of specialists at Xero Support where we have tools to investigate and confirm what's going on - Any details you can provide the team on the page you're trying to sign in from (e.g URL, error 500 received) or actions you were making when the login issue occurred will help. Thanks

   Hi everyone, we appreciate the interest surrounding this idea, however we want to be open that we're unable to extend our log-out time past 60 minutes. Xero hold a lot of sensitive information including bank data and we're required to be as secure as online banking.
   Any session information running on a web browser can potentially be stolen. If the session does not time out. You then have an infinitely long vulnerability window to session hijacking. Our best option is to keep a tight expiration window on the session cookie, and regenerate them frequently. Even setting a long timeout doesn't help with this - too long a timeout will greatly increase the risk of invasion or potentially jeopardise your personal data and the safety and integrity of the Xero application itself. This is why we maintain control of this.
   If we detect there's been no activity on a page (e.g… more

   Susan Edwards supported this idea  ·  30 May, 2024