🚨 As of 11 November 2022, you will need to enforce account-wide 2FA if you are integrated with Xero. This is already in place for all Australian users, but it will be enforced for everyone as of 11 November. If you don't do this, your Xero integration will be disabled, and you will not be able to reconnect it until after account-wide 2FA has been turned on. 🚨
Xero requires that anyone who has connected another service (in this case, Cliniko) turn on 2 factor authentication. This is because Xero wants to ensure that any "connected application" (i.e. Cliniko) has the necessary protections in place so that the only people accessing the account are the people who should be accessing the account.
Enabling 2FA on your Cliniko account is the single most important thing you can do to keep it secure, because it requires a “second factor” besides your email and password. The “second factor”, in this case, is your mobile phone and a 2FA app which generates a unique code to enter when signing into your account.
When 2FA is enabled, every user on your account will be required to sign in with that unique code, as well as their email address and password.
What do I need to do?
To learn how to set up account-wide 2FA (which only administrators will be able to do), please follow the steps outlined here.
If individual users need assistance with enabling 2FA on their Cliniko account/phone, please see this guide.
If your Xero account gets disconnected and you need to reenable it after setting 2FA up, please review the steps outlined here.
If you have any questions, please feel free to reach us via the "chat" button in the lower-right corner. We're happy to help!