It’s vital to have strong security practices in your own business to keep your information and your client data secure – especially as cyberattacks become more frequent.

These resources are designed to help you bolster the security of your Xero accounts.

Use Strong Unique Passwords

The password – or better yet, passphrase – that every member of your team uses to access Xero Practice Manager and Xero Tax must be strong and unique – different to the one used for your Xero business account or for any other website or online service.

Security in Practice

Learn about the tools Xero uses to protect your data and how to stay safe online on the Xero Security Page. For updates on phishing and other scams targeting the Xero community please check out the Security Noticeboard.

Log in History in Xero

Keep an eye on the recent login history for your Xero Business account. See when and where someone has logged into Xero, and what to do if there’s an unusual login.

View course

Two Step Authentication

Xero Business, Xero HQ and My Xero support two-step authentication. Read the Xero blog post to learn why it’s essential for your business and take a few minutes to see how quick and easy it is to set up.

Passwords in Xero

Your first line of defence is crucial. This quick course covers ways to keep your Xero password safe and tips on creating a strong password.

View course

Control Staff Access

Review staff permissions in Xero Practice Manager and limit the staff with lodgement, admin or financial privileges. When staff members leave, remove their access to Xero, Xero HQ, Xero Practice Manager and Xero Tax.