Two-factor authentication (2FA) is a layer of additional security you can add to your Halaxy account. Enabling two-factor authentication in Halaxy is extremely easy and helps secure your account.
Two-factor authentication combines something you know (your password) with something you have (such as your mobile phone, email account or Google Authenticator). This means that even if someone manages to guess your password, they will be unable to log in to your Halaxy account unless they also have physical access to your personal authentication method.
Halaxy offers three ways to receive two-factor authentication verification codes: email (free), Google Authenticator (free), and SMS (currently free).
Note
In accordance with Australian Tax Office security requirements, two-factor authentication is mandatory for all users in a practice group where someone has connected their Halaxy to Xero.
Full Access users can make two-factor authentication mandatory or optional for all users, as well as prompt users to enable 2FA on their next login. They can also optionally mandate a method of two-factor authentication (SMS, Email or Google Authenticator).
If someone in one of your groups has connected their Halaxy to Xero, two-factor authentication is automatically set to Mandatory and cannot be disabled.
To edit two-factor authentication settings for your practice group:
- Click Settings > Users.
- In the top-right corner of the practice group, click Edit Two-Factor Authentication Settings.
- The Two Factor Preference Settings pop-up for your practice group appears. Select a two-factor authentication setting for users in your practice group:
  - Mandatory: Users are required to set up two-factor authentication on their next login.
  - Prompt on login: Users are asked to optionally enable two-factor authentication on their next login.
  - Optional: Users can enable or disable two-factor authentication at their own discretion.
- In the drop-down menu, select whether you wish to mandate a method of two-factor authentication (email, Google Authenticator, or SMS) or allow users to choose their preferred method.
RESULT: If you made two-factor authentication mandatory, users must set up two-factor authentication the next time they log in. If you selected "Prompt on login", users in your group are prompted to enable two-factor authentication on their next login but can choose not to do so. If you selected Optional, users can set up two-factor authentication on the Settings > Users page at their own discretion.
Enabling or disabling two-factor authentication for individuals is extremely easy. All you need to do is:
- Click Settings > Users.
- Click the cogwheel icon to the right of the user you want to enable two-factor authentication for.
- Select your authentication method:
  - None: Disables two-factor authentication for this user. The user can re-enable it any time.
  - SMS: Enter the mobile phone number you want to use to receive verification codes, then click Validate. Whenever you log in to Halaxy, you will be sent an authentication code via SMS. After entering your password, you will be prompted to enter this code in order to access your account.
  - Email: Enter the email address you want to use to receive verification codes, then click Validate. Whenever you log in to Halaxy, you will be sent an authentication code via email. After entering your password, you will be prompted to enter this code in order to access your account.
  - Google Authenticator: Scan the displayed QR code using your Google Authenticator app, then click Validate. This will create an entry for Halaxy in your Google Authenticator app. Whenever you log in to Halaxy, after you enter your password you will be prompted to enter the authentication code that appears in your Google Authenticator app in order to access your account.
    Other authenticator apps are not supported; Halaxy cannot guarantee that other authenticator apps will be compatible.
Note
If two-factor authentication is mandatory for any of your practice groups, you cannot disable two-factor authentication. If you are in only one practice group and that group mandates a particular authentication method, you can only select that method.