Cynch Security


Review the security of your Xero logins

Xero gives you some good detail about things like the history of an invoice, but it’s a bit trickier to see what’s going on with the logins of accounts accessing your Xero Organisation. Regularly reviewing who’s logging into your Xero Organisation is a great way of building the Cyber Fitness of your business.

Here are a couple of things you can check to make sure things in Xero stay above board.

Log in to Xero from the right place

Make sure you’re logging into Xero on the correct site

Checking that you and your team are accessing Xero from the right site is pretty fundamental. There are plenty of dodgy emails out there that will try to get you to share your login details by sending you to the wrong place.

Just here looking for the right spot to log into Xero?

Here you go: https://login.xero.com/

Check your own Xero login history

Open your login history from the top-right hand corner of the Xero homepage

Xero provides the most detail about login activity to individual users themselves.

You can access the details of your last 10 logins by clicking on the “x days ago” link in the top right-hand corner of the Xero dashboard homepage.

You don’t need to check these details every time you log into Xero, but since you’ll only be shown your last 10 logins, you should try to remember to check your login history every week or 2, depending on how often you use Xero.

Keep an eye out for dodgy logins to your Xero account

When checking your login history keep an eye out for the following:

  1. Logins at strange times.

  2. Logins from strange locations.

  3. Logins from new IP addresses.

If you spot any of these in your login history and can’t explain them, your account might have been accessed by someone else.

Tips for responding to a hacked Xero account.

Check your team’s login activity

In the Users area of Organisation Settings, the Login History tab will show you when a user has logged in. The detail in this report is limited to the names and times of your team logging in, which means you can’t get too much out of this report. Some things you should look out for are:


  1. Logins from strange or unused accounts (e.g. a backup account you don’t use regularly)

  2. Logins at strange times (e.g. when someone should be sleeping)

  3. Lots of logins in a short amount of time (e.g. 5 logins in 1 minute)

If you spot something suspicious you should ask the owner of the account about it and contact Xero support if it can’t be explained.

Reviewing these logs regularly is a great idea and might help you spot something dodgy going on before it turns into something really serious. Think of it in the same way you might review a credit card statement on a regular basis. The information on this report is limited to just the last 2 weeks, so again you should try to give this an eyeball once every week or so if possible to avoid missing something.
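If your team is big enough that eyeballing the report gets tedious, the same three checks can be run over a list of names and times copied by hand from the Login History tab. The script below is an added example, not part of the original article and not something Xero provides: the names, the sample entries and the 07:00 to 19:00 "usual hours" window are assumptions, while the burst threshold uses the "5 logins in 1 minute" figure from the list above.

```python
from collections import defaultdict
from datetime import datetime, time, timedelta

FMT = "%Y-%m-%d %H:%M:%S"

# Constructed sample: (name, login time) pairs typed in from the Login History
# tab. Names and times are all that report shows, so that is all we use.
SAMPLE_LOGINS = [
    ("Alex Ng", "2024-03-04 09:02:10"),
    ("Sam Lee", "2024-03-05 03:14:00"),
    ("Backup Admin", "2024-03-06 11:30:00"),
    ("Priya Rao", "2024-03-07 14:00:05"),
    ("Priya Rao", "2024-03-07 14:00:15"),
    ("Priya Rao", "2024-03-07 14:00:28"),
    ("Priya Rao", "2024-03-07 14:00:40"),
    ("Priya Rao", "2024-03-07 14:00:52"),
    ("Alex Ng", "2024-03-08 08:55:00"),
]

def review_logins(logins, rarely_used, day_start=time(7), day_end=time(19),
                  burst_count=5, burst_window=timedelta(minutes=1)):
    """Return (name, timestamp, reason) for each login worth asking about."""
    findings = []
    by_user = defaultdict(list)
    for name, stamp in logins:
        when = datetime.strptime(stamp, FMT)
        by_user[name].append(when)
        # Check 1: accounts you don't expect to see at all (e.g. a backup account).
        if name in rarely_used:
            findings.append((name, stamp, "rarely used account"))
        # Check 2: logins outside the hours your team normally works (assumed window).
        if not day_start <= when.time() < day_end:
            findings.append((name, stamp, "outside usual hours"))
    # Check 3: lots of logins in a short amount of time, per user.
    for name, times in by_user.items():
        times.sort()
        # Slide over each run of burst_count logins; report the first tight run.
        for i in range(len(times) - burst_count + 1):
            if times[i + burst_count - 1] - times[i] <= burst_window:
                findings.append((name, times[i].strftime(FMT), "burst of logins"))
                break
    return findings

if __name__ == "__main__":
    for name, stamp, reason in review_logins(SAMPLE_LOGINS, {"Backup Admin"}):
        print(f"{stamp}  {name}: {reason}")
```

Anything it prints is a prompt to ask the account owner, not proof of a compromise.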



Check your team have Two-step Authentication enabled

Xero are very proactive in enabling Two-step Authentication for all users of their platform, but if someone in your team hasn’t accessed their account in a while there’s a chance it hasn’t been set up yet.

Make sure your team have set up Two-step authentication

Here’s how to check if two-step authentication is enabled for your team members with access to your Xero Organisation:

  1. Log into your Xero dashboard

  2. Open your Organisation settings page by selecting “Settings” from the drop-down menu in the top left-hand corner of the screen;

  3. Click on “Users” under “General” on the settings page;

  4. Click on the name of a user in the Current users tab;

  5. On the “Edit user” page, look for Two-step authentication setup under “Current role and security” in their account card;

  6. Click “Cancel” at the bottom of the “Edit user” page to return to the Current users screen and repeat steps 4 & 5 for the rest of your team.

If you find an account that doesn’t have Two-step authentication set up, ask the owner of it to log in and enable it, or remove its access to your Xero Organisation so it can’t be misused.

Other ways to secure your Xero Organisation

Regularly reviewing the security of your user logins is an important part of keeping your Xero Organisation safe and secure.

Check out our article explaining how to secure Xero for your small business for more tips on what you can do to avoid your accounting platform getting hacked.