2FA enforcement

Using 2FA protects from unauthorised access to a person's account and increases data security. 

Due to Xero requirements, ApprovalMax enforces 2FA for all users that access Xero-connected Organisations.

ApprovalMax is now offering two types of 2FA enforcement:

1. Soft enforcement: every time a user reloads a webpage, they will be prompted to set up 2FA. An email notification with a reminder will be sent additionally on a weekly basis:
     
   
2. Hard enforcement: every user action will redirect the user to the 2FA enforcement webpage. An email notification with a reminder will be sent on a daily basis:
   
   

Administrators can choose between the two enforcement types on the Organisation page:

2FA enforcement is turned on for all Xero-connected Organisations.

For Organisations that are not connected to Xero, the enforcement of 2FA is optional. 

Further information regarding the functionality and other available options will be disclosed at a later time.

• Related Articles

• Disclosure for Law Enforcement

  Under certain circumstances, ApprovalMax may be required to disclose your Personal Data if required to do so by law or in response to valid requests by public authorities (e.g. a court or a government agency). For questions related to information ...

• 2FA: Frequently Asked Questions

  Question Answer What happens if I just don't enable 2FA? If it's Soft Enforcement, you'll see a pop-up prompting you to set up 2FA with every page refresh. However, you can skip it until the next refresh. If it’s Hard Enforcement, you'll be ...

• Release 2023-05-25

  NEW 2FA enforcement is available for all Organisations under the private Beta. 2FA allows to protect a person from the unauthorised access to their account. ApprovalMax is introducing two 2FA enforcement types: Soft enforcement: Every time user ...

• Release 2023-07-05

  NEW 2FA enforcement is generally available for all Organisations 2FA allows to protect users from unauthorised access to their accounts. ApprovalMax is introducing two 2FA enforcement types: Soft enforcement: every time a user reloads the webpage, ...

• What if the Airwallex Batch Payment has been paid and reconciled in Xero, and afterwards the Failed status is returned?

  Very rarely, for instance, if there is a typo in the beneficiary account, it may happen that Airwallex sends a payment and returns the Paid status. Still, sometime later, the beneficiary bank returns the payment to Airwallex, which causes Airwallex ...