Since SMS has been found to not be a sufficient method to ensure the security of your account, we recommend our users to enable a second factor authentication (2FA) application that can replace the need for SMS. The two applications that will work with our service are Google Authenticator and Authy. Before using one of these apps, you need to log into your account at xapo.com and click on the circular avatar in the upper right hand corner to enter into your "Security Settings".
To enable Google Authenticator or Authy, download and open one of these applications on your iPhone, Android, or Blackberry device, and tap the "+" to add a new service. In the security settings for Xapo, you can now click "Enable Google Authenticator" and a QR code that can be scanned by the Google Authenticator or Authy app will generate. Use your Google Authenticator or Authy App to scan the barcode and it will create a link between this application and your Xapo account.
If you already have the Xapo app, you'll need to "Unlink Xapo Mobile App" to then see the option to "Enable Google Authenticator". You'll be able to login and use the Xapo app again after setting up Google Authenticator or Authy.
Then scroll down the page until you see the option to "require second-factor for login". There will be a box next to this option. Click the box and then click "Save Changes" at the bottom of the page.
You have now enabled second factor authentication. When you are asked for a second factor authentication, simply go to the Google Authenticator or Authy app to retrieve the code!