Two-Step Authentication is an additional security feature which helps you secure your account with an additional security password on a mobile device. This helps in significantly reducing the chances of your account getting hacked by anyone.
How Two-Factor Authentication Works?
Two-Factor authentication works by sending an additional password on your registered mobile number each time you or anyone tries to access your account from a new web browser or device. When you enter your regular login credential on the Zoho Mail sign-in page, you get an additional security code via SMS/Voice Call or QR Code depending on the configuration of Two-Factor Authentication.
NOTE: The secure code you enter in the browser to access your account can be kept effective in a particular browser in the system for a period of 45 days.
How to Enable Two-Factor Authentication in Zoho Mail?
- Go to https://accounts.zoho.com and sign in using your registered email address and password.
- On the page that appears on your screen, click on the Two Factor Authentication
- Next, you will need to use the mode with which you wish to be authenticated (SMS or Google Authenticator).
- After that, simply follow the on-screen prompts to Set up, Verify, and Confirm the activation of Two Factor Authentication for your account.
How to Disable Two-Factor Authentication in Zoho Mail?
If you ever wish to disable Two Factor Authentication for your Zoho Mail account, you can follow the below-mentioned steps:
- Go to https://accounts.zoho.com and sign in to your account.
- Select Two Factor Authentication option located in the top-right corner of your screen and click on the switch to activate or deactivate Two-Factor authentication.
How to Access Two-Factor Authentication Enabled Zoho Mail Account on POP / IMAP or Active Sync Protocols?
If you are looking to access your Two-Factor Authentication enabled Zoho Mail through POP / IMAP or Active Sync protocols, you will need to generate a unique Application Specific Password for each third-party email application you are using to access your Zoho Mail account. Instead of your regular password, you will need to use the 16 digits Application Specific Password that you generate for the configuration of your Zoho account in the application. After the successful validation, you will be able to access your account.
NOTE: While the web password gets expired after 45 days, you need not update the Application Specific Password in the application. Also, if you ever wish to block an app-specific password, you can do so easily from the TFA settings. Moreover, if you reset the password for your Zoho account, you can choose to prevent auth tokens for blocking the app-specific passwords.
How to Generate Application-Specific Passwords?
A user can generate and use application specific password to access the email account via POP / IMAP or Active Sync when Two-Factor Authentication feature is activated for the account by following these steps:
- Go to http://www.zoho.com/mail and sign in to your account.
- Go to My Account link located at the top view Zoho Accounts.
- Choose Two-Factor Authentication > Manage Application specific passwords.
- Next, you will need to enter the device name and your current account password in the page.
- Then, choose “Generate” to view the application specific password.
- You will see the device specific password on your screen.
NOTE: The device specific password will be shown only once.
- You will need to use this password (without any spaces) in the device.
- You can view the past generate item and devices names by selecting the Show generated a password.
- If you ever wish to remove access to the application, you can do so easily by clicking on the Revoke option next to the application.
Zoho Mail Mobile Apps for Android and iOS
Zoho offers a native Zoho Mail app for both Android and iOS devices for accessing Zoho Mail account from smartphones. You need not any app-specific password to sign in. All you need is a Secure Code to sign in to the app. When you will log in using your username and password, you will receive a secure a code via SMS / Voice call or QR Code app associated with your account. Simply enter the security code in the browser to log in to the account.
NOTE: The secure code you enter in the browser to access your account can be kept effective in a particular browser in the system for a period of 45 days.
Two-Factor Authentication for Organizations
Considering the security factor, you can assign Two-Factor Authentication (TFA) for your organization. Enabling this feature will make it mandatory to use the additional security code for every user to log in their accounts. Therefore, it is necessary to ensure that every user has access to a mobile device in order to receive the security code via SMS / Voice call or the mobile app with QR code scan option.
- Sign in to zoho.com/mail as Administrator.
- Go to Control Panel > Dashboard > Two Factor Authentication
- Choose the “ON” option to activate the Two-Factor authentication for all users in the organization.
- As an administrator, while you can turn off the TFA to disable it for the entire organization, however, if the TFA has been set up already for a user’s account, he/she will need to deactivate TFA again.
Steps to Reset TFA for Particular Users
In case any user of your organization loses access to their mobile device which they used to use during TFA activation, as an administrator, you can reset the TFA for such user. For this:
- Sign in to zoho.com/mail as Administrator.
- Go to Control Panel > Mail Accounts > Select the user.
- Choose the Reset TFA option for the specific user.
- When next time, the user will log in, he/she will be able to configure TFA from the beginning.
Steps to Enable / Disable TFA for Particular Users
The administrator can easily activate or deactivate the TFA feature for a user from the Control Panel. For this:
- Go tohttp://www.zoho.com/mail and sign in as Super Admin.
- Next, select Control Panel > User Details.
- Choose Two-Factor Authentication and select “Enable” or “Disable” to activate/deactivate the Two-Factor Authentication for the user.
So, these are the ways to use and enable/disable Two-Factor Authentication for your Zoho Mail account in different conditions.