Introduction to MFA | MFA - Zoho Accounts

Introduction to multi-factor authentication (MFA)

Multi-factor authentication is used as an extra layer of security while signing in to your account. When you enable MFA, all your future sign-ins will require you to verify your identity to ensure that your account isn't accessed by unknown users. You can do this by enabling an MFA mode for your account. For example, if you enable SMS-based OTP, an OTP will be sent to your mobile number, which then needs to be entered when you sign in, thus ensuring that your account stays protected.

MFA modes

Zoho provides four MFA modes to choose from:
  1. OneAuth
    OneAuth is an industry standard multi-factor authentication app built by Zoho. It offers the following features:
    1. MFA for multiple Zoho accounts
    2. Passwordless sign-in
    3. Mobile SSO
    4. OTP authenticator for non-Zoho accounts
    5. Easy backup and recovery
            Learn more
  1. SMS-based OTP
    When you set SMS-based OTP as your MFA mode, a short-lived, single-use authentication code is sent to your mobile device as an SMS message, which you can use to verify your identity during sign-in.
    Learn more
  1. OTP authenticator
    An OTP authenticator generates unique codes in fixed time intervals. When you set an OTP authenticator as your MFA mode, you can use the OTP shown in the authenticator app to verify your identity during sign-in.
    Learn more
  1. YubiKey
    A YubiKey is a hardware device which can be inserted into your computer or laptop. When you configure a YubiKey for your account and set it as your MFA mode, you can insert it to verify your identity during sign-in.
    Learn more

MFA: Org-enforced vs. Self-configured

If you are an organization admin, you can enforce MFA for all the users in your organization. You can choose which modes need to be set up by the users and enforce them. After such policies are enforced, the users will be prompted to set up and sign in using MFA. Refer to your app's documentation to learn how to enforce security policies.

If you want to secure your personal Zoho account, you can enable one or more of the available MFA modes for your account. Check out the respective help articles to learn how to configure the different MFA modes. However, if you are a part of an organization that enforces MFA-related security policies for its users, you can only configure the modes that are allowed according to the policy.

Multi-mode MFA

You can configure multi-mode MFA by configuring at least two MFA modes for your account. With multi-mode MFA, you will have the flexibility to choose between different modes when you want to sign in to your account. You can set one of the modes as the primary MFA mode, and it will be the default mode when you try to sign in. You can choose the other modes to sign in if your primary mode is not currently available. See how to sign in using multi-mode MFA.

MFA and third party mail clients

If you are using your Zoho account in any third-party mail clients, such as Outlook or Thunderbird, you may encounter issues signing in to the app if it doesn't support multi-factor authentication (this more often results in an "incorrect password" error). This is because only entering your username and password in your client will not allow you to sign in as MFA verification cannot be done.

In such cases, you can generate application-specific passwords in Zoho and use them to sign in to your mail client. These application-specific passwords allow you to bypass MFA verification and let you sign in to the client with just your username and this application-specific password.

MFA lifetime

Normally, you will need to verify your identity using your MFA mode every time you sign in to your account. However, if you are signing in often from a trusted computer (such as your personal computer), you can avoid verifying through MFA by trusting your browser. By default, the MFA lifetime for a trusted browser (i.e., the duration you won't be asked for MFA) is 180 days. However, if you are part of an organization, your administrator may reduce the number of days or even restrict trusting a browser altogether by enforcing security policies.

Backup codes to recover access

If you lose access to the device that you use for MFA, you won't be able to sign in to your account. However, if you have saved backup verification codes beforehand, you can use them to recover your account in such cases. For this reason, it is essential for you to generate and save backup codes once you enable MFA fo your account. See how to generate backup codes and how to use them to recover your account.
  1. How to disable/re-enable MFA?
  2. What are trusted browsers and how to enable them?

    Zoho CRM Training Programs

    Learn how to use the best tools for sales force automation and better customer engagement from Zoho's implementation specialists.

    Zoho CRM Training
      Redefine the way you work
      with Zoho Workplace

        Zoho DataPrep Personalized Demo

        If you'd like a personalized walk-through of our data preparation tool, please request a demo and we'll be happy to show you how to get the best out of Zoho DataPrep.

        Zoho CRM Training

          Create, share, and deliver

          beautiful slides from anywhere.

          Get Started Now

            Get started with Zoho Sign

            in a few quick steps!

            Download Help Guide

                      Still can't find what you're looking for?

                      Write to us:



                        Zoho Marketing Automation

                          Zoho Sheet Resources


                              Zoho Forms Resources

                                Secure your business
                                communication with Zoho Mail

                                Mail on the move with
                                Zoho Mail mobile application

                                  Stay on top of your schedule
                                  at all times

                                  Carry your calendar with you
                                  Anytime, anywhere

                                        Zoho Sign Resources

                                          Sign, Paperless!

                                          Sign and send business documents on the go!

                                          Get Started Now

                                              Zoho SalesIQ Resources

                                                  Zoho TeamInbox Resources

                                                          Zoho DataPrep Resources

                                                            Zoho DataPrep Demo

                                                            Get a personalized demo or POC

                                                            REGISTER NOW

                                                              Design. Discuss. Deliver.

                                                              Create visually engaging stories with Zoho Show.

                                                              Get Started Now

                                                                                    • Related Articles

                                                                                    • Multi-Mode MFA

                                                                                      Introduction  Multi-mode MFA is an option wherein you can enable more than one MFA mode for your Zoho account. Zoho provides four modes to choose from: OneAuth, SMS-based OTP, app-based OTP (authenticator apps), and YubiKey. To enable multi-mode MFA, ...
                                                                                    • YubiKey

                                                                                      What is a YubiKey? YubiKeys represent the security keys developed by Yubico , which can be used to enable multi-factor authentication (MFA). YubiKeys don't require a battery to function and need no software installation to authenticate your accounts. ...
                                                                                    • How do I enable MFA for my account?

                                                                                      Sign in to your Zoho account. Click Multi-Factor Authentication. Select your preferred MFA mode. For your authentication needs, we suggest that you download OneAuth, our very own multi-factor authentication app, which offers four different MFA modes: ...
                                                                                    • How do I delete an MFA mode in my account?

                                                                                      MFA modes can be either set by you for your Zoho account, or enforced by your admin if you are part of an organization. If an MFA mode is set by you, you will see a toggle option at the top-right corner next to MFA Modes in the Multi-Factor ...
                                                                                    • Set up OneAuth for your Zoho account

                                                                                      Info: This article explains the working of OneAuth and how you can set it up to secure your Zoho account. If you don't have a Zoho account, but want to secure your other non-Zoho accounts, check out OneAuth's OTP Authenticator. How OneAuth works Zoho ...
                                                                                    Wherever you are is as good as
                                                                                    your workplace



                                                                                      Watch comprehensive videos on features and other important topics that will help you master Zoho CRM.


                                                                                      Download free eBooks and access a range of topics to get deeper insight on successfully using Zoho CRM.


                                                                                      Sign up for our webinars and learn the Zoho CRM basics, from customization to sales force automation and more.

                                                                                      CRM Tips

                                                                                      Make the most of Zoho CRM with these useful tips.

                                                                                        Zoho Show Resources