After sharing this same information with over a dozen clients in the last month , I thought it might be a good idea to share it here for future purchases.
Set up 2SA on your new phone
To first disable your existing 2SA account:
Log into Xero using your existing authenticator app or recovery method.
Click on your initials or profile image, then select Account.Under Two-step authentication, click Disable.
Enter the six-digit code generated by your existing authenticator app, or click I can't use my authenticator app and answer your security questions.
You've now disabled your existing 2SA account in Xero, and can start setting up your new phone:
If you don't already have one, install an authenticator app on your new phone. (I like Google Authenicator)
Still in your Xero Account settings, under Two-step authentication click Setup.
Open the authenticator app on your new phone.
Begin the setup process, or add a new account if you’re already using the app for other software.
Scan the barcode showing in Xero into your new authenticator app, or manually enter the key.
To scan the barcode:
Tap the prompt in your authenticator app to scan a barcode or QR code.Scan the barcode showing in Xero into your authenticator app.
To enter the key manually:
Tap the prompt in your authenticator app to manually enter the key.
In Xero, click enter your key manually.
Type the details showing in Xero into your authenticator app.
In Xero, click Next.
Enter the six-digit code generated by your new authenticator app, then click Next.
Select three security questions to use as a recovery method, enter the answers, then click Next.
You can now use your new phone to generate the 2SA codes for your Xero login. To ensure that you don’t have any problems logging into Xero in the future, we strongly recommend you also:
Add an alternative email address to use as an additional recovery method for times when you don’t have access to your phone.
Use password manager software to securely store your security questions and answers, as well as your login email address and password. I recommend Last Pass as it will store your passwords on your desktop and devices.