    Multi-Factor Authentication

    We all protect our accounts with a password. With all the sensitive data stored in our emails, protecting your account with a password alone may not be enough. Adding an extra security step with Multi-Factor Authentication (MFA) further secures your account. With MFA enabled, you need another device, such as your mobile phone, to authenticate and confirm your identity. This, in turn, reduces the chance of your account getting compromised and helps keep your data secure at all times.

    MFA modes and steps to enable

    Zoho Mail is a secure email service that provides secure email access with the following MFA modes:

    Zoho OneAuth

    Zoho OneAuth is a mobile app that you can use to set up a mode of authentication. In Zoho OneAuth, you can choose among the four authentication methods available to secure your account: biometric Touch ID (or Face ID, if you're on an iPhone X), Push Notification, QR code, and Time-based OTP. With this, your Zoho account is secured without relying on third-party applications. Zoho OneAuth lets you add secondary devices as backup and also works offline.

    To enable Zoho OneAuth Authentication:

    1. Log in to Zoho Accounts.
    2. In the left pane, navigate to Multi-Factor Authentication.
    3. In the Zoho OneAuth section, enter your mobile number to receive the link to the Zoho OneAuth mobile app. You can download the app using the link sent to your mobile number.
    4. After downloading the app, open it and log in using your Zoho Mail credentials.
    5. You can now choose to secure your account using any of the authentication options available.

    To learn more, refer to the Zoho OneAuth user guide.

    Mobile-based OTP

    You can configure Mobile-based OTP as your mode of authentication to secure your account. To configure Mobile-based OTP, you need a mobile number capable of receiving SMS.

    To enable Mobile-based OTP Authentication:

    1. Log in to Zoho Accounts.
    2. In the left pane, navigate to Multi-Factor Authentication.
    3. Under Mobile-based OTP, click Setup Now. You might be asked to log in to your account again for security.
    4. Choose your country, and then type in your mobile number. Note that you cannot use the same number as your account recovery number.
    5. After entering your mobile number, click Next.
    6. After you click Next, you will receive an OTP by SMS at the mobile number you entered.
    7. Enter the received OTP and click Verify.
    8. If the OTP you entered matches the one sent by our system, your mobile number will be verified for further authentications.

    You will now be verified using Mobile-based OTP after entering your password.

    Time-based OTP

    Time-based OTP uses authentication apps such as Zoho OneAuth or external applications like Google Authenticator to confirm your identity and secure your account. You authenticate with an OTP that expires within a given time frame. You can also set up Time-based OTP within Zoho OneAuth, keeping the security of your account in one place.

    To enable Time-based OTP Authentication:

    1. Log in to Zoho Accounts.
    2. In the left pane, navigate to Multi-Factor Authentication.
    3. Under Time-based OTP, click Setup Now. You might be asked to log in to your account again for security.
    4. Open your authenticator app and scan the QR code displayed. You can also enter the code manually if needed.
    5. After scanning the QR code, your account will be added to the authenticator app. Once done, click Next.
    6. Your authenticator app will display an OTP with time-based expiry. Enter the OTP displayed in your authenticator to complete the configuration.

    You will now be verified using Time-based OTP after entering your password.

    YubiKey

    YubiKey mode uses a physical key to authenticate and secure your account. To configure this, you need the YubiKey at the time of setup. You authenticate your account with the physical key inserted into your USB port. Failing to do so will prevent you from logging in.

    To enable YubiKey Authentication:

    1. Log in to Zoho Accounts.
    2. In the left pane, navigate to Multi-Factor Authentication.
    3. Under YubiKey, click Setup Now. You might be asked to log in to your account again for security.
    4. Insert the YubiKey into your computer's USB port and then click Next.
    5. Touch the golden disc on the YubiKey when it starts blinking.
    6. Name your YubiKey and click Configure.

    You will now be asked to verify using YubiKey when you log in.

    Things to remember

    1. After enabling MFA, you will see a set of recovery codes. You can use these codes to log in when you do not have access to your mobile phone or YubiKey.
    2. When you access your account using other clients via IMAP/POP, you need to generate and use application-specific passwords.

    We hope you will secure your account using MFA. Send us your feedback at support@zohomail.com.