2FA is one of the most important security features that online services can implement to help prevent unauthorised access to customer accounts. It means that, even if someone knows/guesses your username and password, they still can't login to your account.

The more sensitive, valuable, or confidential the information being stored, the more important it is to offer 2FA.

We recognise that no system is 100% unhackable, but believe that 2FA is an essential component of a best practice security policy.

Xero is a very popular online bookkeeping/accounting software package used by 1000s of SMEs in multiple countries. It contains huge amounts of confidential information including, for example:

1. Financials
2. Employee records
3. Customer records

Xero should implement 2FA as a top priority. 2FA is also known as "Two-step verification" or "Multi-factor authentication".

Xero users have been begging for 2FA since at least April 2013:
https://community.xero.com/business/question/1386112

More about 2FA here:
Two-step verification on Wikipedia