Avoid Losing Access to Xero

Losing access to Xero can bring your business operations to a halt. Whether it’s processing payroll, lodging your BAS, or checking your accounts, everything depends on your ability to log in securely. 

That’s why it’s critical to safeguard your multi-factor authentication (MFA) setup before something goes wrong.

How to Back Up Your MFA Setup

Multi-factor authentication (MFA) is required for all Xero users. It protects your account by requiring a code from your phone each time you log in. But what happens if your phone is lost, reset, or replaced?

You could be locked out of Xero. Your login is tied to your personal Xero account, not to your business or your bookkeeper. This means we can’t reset your MFA for you. Only you can do that.

To avoid delays with tasks like payroll or BAS lodgements, it’s essential to set up a backup method while you still have access.

Why It’s Worth Taking Five Minutes

We’ve seen business owners run into trouble after forgetting to transfer their authenticator app to a new device. Without a backup method, they must go through Xero’s support and ID verification process which can take several days.

During that time, you could lose access to reports, bills, and payroll processing.

A few quick steps now can help you avoid all that downtime.

How to Set Up Backup Access in Xero

1. Set Up Security Questions

Security questions provide an alternative way to verify your identity if you can’t access your MFA code. To set them up:

• Go to My Xero > Account > Security Settings

• Choose three security questions

• Enter your answers and click Save

  
  

Tip: Choose answers that are easy for you to remember but hard for others to guess.

2. Set Up MFA on a Second Device

Installing your authenticator app on a second device (like a tablet) ensures you have a backup option if your phone is lost or reset.

• Install your preferred authenticator app (e.g., Google Authenticator or Microsoft Authenticator)

• Scan the QR code using both your main phone and your second device

3. Save Your Recovery Codes

Some authenticator apps generate one-time recovery codes. These can be a lifesaver.

To stay protected:

• Download or write down your recovery codes

• Store them securely (not on your phone)

  
  

These codes can allow you to log in even if you lose access to your authenticator app.

Where to Review These Settings

To review or update your MFA setup in Xero:

1. Go to My Xero

2. Click your name in the top right corner

3. Select Account

4. Open Security Settings

If You Get Locked Out

If you lose access to your MFA and haven’t set up security questions, a second device, or recovery codes, you’ll need to contact Xero directly. They’ll ask you to verify your identity before they can reset your access.

Please note: We can’t help resetting your login. Xero does not allow advisors to manage your personal security details.

Disclaimer: This article is intended to provide general guidance and is not specific advice. We encourage you to seek tailored advice for your circumstances.