Two-step Authentication (2FA)

Note: Two step authentication is now compulsory.

To help ensure your account is secure, you will need to set up two-step authentication for your Spotlight login. Each time you log in for the first time on a new computer or in a new session, you'll need an additional authorisation code to sign in.

Note: If you currently use one of the single sign-on options, 'Sign in with Intuit' or 'Sign in with Xero', you will not be able to set up two-step authentication within Spotlight, as the login process is handled by your accounting system. However, you should be able to set this up within the accounting system itself if required.

To set up two-step authentication

  1. When you create a new Spotlight account, two step authentication is automatically set up to use the same email address you use to sign in to Spotlight. To change the two step authentication option, from within the main Spotlight screen, open the My Account drop-down list, then choose Two-Step Authentication.
  2. Select the required authentication option.

    Authenticator app - Generate authentication codes using an authenticator app on your smartphone.

    Email
    - Receive authentication codes to your email address. If you select this option, the authentication codes will be sent to the same email address you use to log in to Spotlight.
  3. If you've chosen the Email option, to apply the change, click Update Settings. An authentication code is then sent to your email address. To complete the process, enter the authentication code and then click Authenticate.
  4. If you've chosen the Authenticator app option, to continue the setup, click Next.
  5. A QR code appears on the screen. On your smartphone, open the authenticator app you want to use, and scan the QR code, then save the account to your authenticator when prompted. The authenticator app will then generate a code for you to log in to Spotlight.
  6. Enter the generated code, then click Authenticate.
  7. To return to the main Spotlight screen, click Back to application.

Frequently asked questions

  • Do all users need to set up two-step authentication?

    Yes. This feature isn't limited by the user roles in Spotlight, so all users will need to set this up.

  • Can I use SMS to authenticate my login?

    No, SMS is no longer available as an option for two step authentication.
  • Can I change the authenticator app I'm using?

    Yes, if you need to do this, please follow the steps above to switch two-step authentication to email, then repeat the process and select your new authenticator app.
  • Can I send my code to a different email address?

    No, if you choose the email option, the code is always sent to the email address you use to log in to Spotlight.

Still need help?
Get in touch!