We all protect our accounts with a password. With all the sensitive data stored in our emails, protecting your account with one password may not be enough. Adding an additional step of security with Multi-Factor Authentication (MFA) will help secure your account furthermore. Enabling the Multi-Factor Authentication will require another device such as your mobile phone to authenticate and confirm your identity. This, in turn, reduces the chance of your account getting compromised and ensures the security of your data at all times.
MFA modes and steps to enable
Zoho Mail is a secure email service that provides secure email access with the following MFA modes:
Steps to enable
Zoho OneAuth is a mobile app, using which you can set up a mode of authentication. In Zoho OneAuth you can choose among the four authentication methods available to secure your account. You can choose between biometric Touch ID (or Face ID, if you're on an iPhone X), Push Notification, QR code, and Time-based OTP. With this, your Zoho account will be secured and you don't have to rely on third-party applications. Zoho OneAuth lets you add secondary devices as backup and also works offline.
To enable Zoho OneAuth Authentication,
To know more, refer to Zoho OneAuth's user guide.
You can configure Mobile-based OTP as your mode of authentication to secure your account. To configure mobile-based OTP, you will be needing a mobile number capable of receiving SMS.
To enable Mobile-based OTP Authentication,
You will now be verified using Mobile-based OTP after entering your password.
Time-based OTP uses authentication apps such as Zoho OneAuth or external applications like Google Authenticator to confirm your identity and secure your account. This works with you having to authenticate your account with the OTP that would expire within the given time frame. You can also set up time-based OTP within Zoho OneAuth keeping the security of your account in one place.
To enable Time-based OTP Authentication,
You will now be verified using Time-based OTP after entering your password.
YubiKey mode uses a physical key to authenticate and secure your account. To configure this, you will be needing YubiKey during the time of setup. This works with you having to authenticate your account with the physical key inserted to your USB port. Failing to do so will prevent you from logging in.
To enable YubiKey Authentication,
You will now be asked to verify using Yubikey when you login.
Things to remember
- After enabling MFA, you will be noticing a set of recovery codes. You can use these codes to log in when you do not have access to your mobile phone or Yubikey.
- When you access your account using other clients via IMAP/ POP, you need to generate and use Application-specific passwords.
Hope you will secure your account using MFA. Send us your feedback at firstname.lastname@example.org.