Security

Security

Change Password

It is a good security practice to change your account password regularly and use strong passwords.

  1. Go to the Security tab on your home screen and click Change Password.
  2. Enter your current password and new password.
  3. Re-enter your new password and click Save.

When you change your password, you can keep your account more secure by terminating all your web browser, mobile sessions and removing all active API authtokens. You can do this by clicking the relevant check boxes before clicking Save.

Follow the guidelines below for creating a strong password:

  • Password cannot be the same as your username.
  • Password length should not be less than 8 characters.
  • Password length should not be more than 250 characters.
  • Password should contain at least one special character.
  • Password should contain at least one numeric character.
  • Password should contain both uppercase and lowercase characters.
  • Password should not be the same as any of your last three passwords.

Two Factor Authentication

Information on two factor authentication is available as a separate section.

Security question

Adding a security question helps you gain access to your account in case you forget your password. It also adds an extra layer of protection against password hacking attempts. To add a security question of your choice:

  1. Click the Security tab on your Zoho Accounts home screen.
  2. Click the Security Question link.
  3. Enter your current password, provide the security question and answer of your choice, and click Save.
  4. From now on, each time you want to change your password, you will need to answer your security question correctly to proceed with the password change.

Allowed IP Address

What are Allowed IP Addresses?

If you frequently work with sensitive data, you can set up an allowed IP address range for your account. Once this is configured, you can only access your account from that particular IP address. This will block any unsolicited access attempts from any other IP address.

  1. Click Security on your home screen.
  2. Choose Allowed IP address.
  3. Click Add New and enter the range of static IP addresses that are allowed to access your account.
  4. Click Add.
  5. A reconfirmation message will be displayed. Click Yes.
  6. The IP addresses you entered will be saved, and after signing out from the current session, you will be able to log in only from the allowed IP addresses.

Make sure that the IP address you provide is a static IP address. Dynamic addresses change with each session and you might be locked out of your account. To avoid this, please contact your internet service provider to get a static IP address.

App Passwords

An app password is a 12-character passcode that gives an app permission to access your Zoho mail from various email clients (such as Microsoft Outlook, Mozilla Thunderbird etc.), Jabber clients, and standalone applications.

If two factor authentication (TFA) is enabled for your account:

  • You cannot use your password directly to access POP/IMAP email clients.
  • You must use an App Password to access those applications.

If TFA is not enabled for your account:

  • You can use either your Zoho account password or an App password to access POP/IMAP email clients.
  • If the email client faces a security breach, your account will also be compromised.
  • Using an app password will shield your Zoho account from the breach.

To generate an app password for your email client:

  1. Navigate to Security > App Passwords.
  2. Enter your Zoho password
  3. Enter the app name in the given field
  4. The app password is generated and shown in bold font. Copy and note down or save the password as it will not be displayed again.

You can also delete existing app passwords:

  1. Navigate to Security > App Passwords.
  2. Enter your Zoho password.
  3. Click Show Generated Passwords.
  4. You can delete an app password using the Revoke button.

Note: Enter the app password without spaces in your email clients.

Share this post : FacebookTwitter

Still can't find what you're looking for?

Write to us: support@zohoaccounts.com