Skip to content
← Share and support customer ideas for Xero

Settings and activity

4 results found

  1. Cybersecurity - Phishing resistant MFA & logging of failed MFA attempts

    1 vote

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    0 comments  ·  For small businesses » Settings & user roles  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close
    Simon Pilot shared this idea  · 

  2. MFA - Touch ID and Face ID verification

    6 votes

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    3 comments  ·  For small businesses » Settings & user roles  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close
    working on it  ·  AdminKelly Munro (Community Manager, Xero) responded

    Hi team, as another update surrounding passkeys we wanted to share that this week we've released passkey log in for Xero Me app users who haven't set up MFA yet. This is just the first stage, and over the coming months we'll progressively make this feature available to more users. I'll be back to share more as passkeys become available to more users.

    Simon Pilot supported this idea  · 

  3. MFA | Add support for Yubikey

    56 votes

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    15 comments  ·  For small businesses » Settings & user roles  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close
    under review  ·  AdminKelly Munro (Community Manager, Xero) responded

    Thanks for sharing with us here, everyone. We appreciate why you'd like simpler methods to improve efficiency when logging in to use Xero. 

    Our product team have started some work to enable logging into Xero using passkeys. As mentioned in some of your comments, this'll support Yubikeys by default.

    For now, we'll move this idea to Under review and I'll come back to keep you updated on the latest news for this feature.

    Simon Pilot supported this idea  · 

  4. Login - Enable Windows Azure Active Directory Single Sign On

    427 votes

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    138 comments  ·  For small businesses » Settings & user roles  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close
    submitted  ·  AdminKelly Munro (Community Manager, Xero) responded

    Hi community, we appreciate many businesses have adopted single sign on with providers like Google, Microsoft Azure/Entra, and Okta to easily streamline logins to many applications and manage operational risk. Our team are staying close to votes and feedback of the idea here, and though we can't commit to development at this time, we will be sure to let you know of any progress toward enabling single sign on

    An error occurred while saving the comment
    Simon Pilot commented  · 

    We are implementing the Australian ESSENTIAL 8 security measures. Can we have single sign on so we can use phishing resistant MFA & log MFA failure? https://www.cyber.gov.au/resources-business-and-government/essential-cyber-security/essential-eight/essential-eight-maturity-model

    An error occurred while saving the comment
    Simon Pilot commented  · 

    The purpose needs to be changed from easily login to cybersecurity: "Successful and unsuccessful multi-factor authentication events are centrally logged". This is a security compliance issue.

    This is preventing my company achieving Australia's Essential 8 Cybersecurity Maturity levels above level 1

    An error occurred while saving the comment
    Simon Pilot commented  · 

    Single Sign On SSO with Microsoft Entra ID is required to restrict logins to compliant devices only. We don't allow BYOD access to Xero but we can't enforce this check without SSO sign in workflows. This represents an unacceptable risk to our business.

    Simon Pilot supported this idea  ·