Introduction to MFA | MFA - Zoho Accounts

Introduction to multi-factor authentication (MFA)

Multi-factor authentication is used as an extra layer of security while signing in to your account. When you enable MFA, all your future sign-ins will require you to verify your identity to ensure that your account isn't accessed by unknown users. You can do this by enabling an MFA mode for your account. For example, if you enable SMS-based OTP, an OTP will be sent to your mobile number, which then needs to be entered when you sign in, thus ensuring that your account stays protected.

MFA modes

Zoho provides four MFA modes to choose from:
  1. OneAuth
    OneAuth is an industry standard multi-factor authentication app built by Zoho. It offers the following features:
    1. MFA for multiple Zoho accounts
    2. Passwordless sign-in
    3. Mobile SSO
    4. OTP authenticator for non-Zoho accounts
    5. Easy backup and recovery
            Learn more
  1. SMS-based OTP
    When you set SMS-based OTP as your MFA mode, a short-lived, single-use authentication code is sent to your mobile device as an SMS message, which you can use to verify your identity during sign-in.
    Learn more
  1. OTP authenticator
    An OTP authenticator generates unique codes in fixed time intervals. When you set an OTP authenticator as your MFA mode, you can use the OTP shown in the authenticator app to verify your identity during sign-in.
    Learn more
  1. Security key
    A security key is a hardware device which can be inserted into your computer or laptop. When you configure a security key for your account and set it as your MFA mode, you can insert it to verify your identity during sign-in.
    Learn more

MFA: Org-enforced vs. Self-configured

If you are an organization admin, you can enforce MFA for all the users in your organization. You can choose which modes need to be set up by the users and enforce them. After such policies are enforced, the users will be prompted to set up and sign in using MFA. Refer to your app's documentation to learn how to enforce security policies.

If you want to secure your personal Zoho account, you can enable one or more of the available MFA modes for your account. Check out the respective help articles to learn how to configure the different MFA modes. However, if you are a part of an organization that enforces MFA-related security policies for its users, you can only configure the modes that are allowed according to the policy.

Multi-mode MFA

You can configure multi-mode MFA by configuring at least two MFA modes for your account. With multi-mode MFA, you will have the flexibility to choose between different modes when you want to sign in to your account. You can set one of the modes as the primary MFA mode, and it will be the default mode when you try to sign in. You can choose the other modes to sign in if your primary mode is not currently available. See how to sign in using multi-mode MFA.

MFA and third party mail clients

If you are using your Zoho account in any third-party mail clients, such as Outlook or Thunderbird, you may encounter issues signing in to the app if it doesn't support multi-factor authentication (this more often results in an "incorrect password" error). This is because only entering your username and password in your client will not allow you to sign in as MFA verification cannot be done.

In such cases, you can generate application-specific passwords in Zoho and use them to sign in to your mail client. These application-specific passwords allow you to bypass MFA verification and let you sign in to the client with just your username and this application-specific password.

MFA lifetime

Normally, you will need to verify your identity using your MFA mode every time you sign in to your account. However, if you are signing in often from a trusted computer (such as your personal computer), you can avoid verifying through MFA by trusting your browser. By default, the MFA lifetime for a trusted browser (i.e., the duration you won't be asked for MFA) is 180 days. However, if you are part of an organization, your administrator may reduce the number of days or even restrict trusting a browser altogether by enforcing security policies.

Backup codes to recover access

If you lose access to the device that you use for MFA, you won't be able to sign in to your account. However, if you have saved backup verification codes beforehand, you can use them to recover your account in such cases. For this reason, it is essential for you to generate and save backup codes once you enable MFA fo your account. See how to generate backup codes and how to use them to recover your account.
  1. How to disable/re-enable MFA?
  2. What are trusted browsers and how to enable them?

    Zoho CRM Training Programs

    Learn how to use the best tools for sales force automation and better customer engagement from Zoho's implementation specialists.

    Zoho CRM Training
      Redefine the way you work
      with Zoho Workplace

        Zoho DataPrep Personalized Demo

        If you'd like a personalized walk-through of our data preparation tool, please request a demo and we'll be happy to show you how to get the best out of Zoho DataPrep.

        Zoho CRM Training

          Create, share, and deliver

          beautiful slides from anywhere.

          Get Started Now

            Zoho Sign now offers specialized one-on-one training for both administrators and developers.

            BOOK A SESSION

                        Still can't find what you're looking for?

                        Write to us:



                          Manage your brands on social media

                              Zoho Marketing Automation

                                Zoho Sheet Resources


                                    Zoho Forms Resources

                                      Secure your business
                                      communication with Zoho Mail

                                      Mail on the move with
                                      Zoho Mail mobile application

                                        Stay on top of your schedule
                                        at all times

                                        Carry your calendar with you
                                        Anytime, anywhere

                                              Zoho Sign Resources

                                                Sign, Paperless!

                                                Sign and send business documents on the go!

                                                Get Started Now

                                                        Zoho TeamInbox Resources

                                                                Zoho DataPrep Resources

                                                                  Zoho DataPrep Demo

                                                                  Get a personalized demo or POC

                                                                  REGISTER NOW

                                                                    Design. Discuss. Deliver.

                                                                    Create visually engaging stories with Zoho Show.

                                                                    Get Started Now

                                                                                          • Related Articles

                                                                                          • Multi-Mode MFA

                                                                                            Introduction Multi-mode MFA is an option wherein you can enable more than one MFA mode for your Zoho account. Zoho provides four modes to choose from: OneAuth, SMS-based OTP, app-based OTP (authenticator apps), and Security key. To enable multi-mode ...
                                                                                          • Security key

                                                                                            What is a security key? Security key is a hardware device that can be used to enable multi-factor authentication (MFA). They don't require a battery to function and need no software installation to authenticate your accounts. How security keys work? ...
                                                                                          • Troubleshoot MFA related issues

                                                                                            Introduction If you have set up multi-factor authentication (MFA ) to protect your Zoho account and have issues signing into your account, we will help you regain your account access. The first thing you need to do after regaining account access is ...
                                                                                          • What is an OTP authenticator in Zoho OneAuth?

                                                                                            One-time Passcode (OTP) authenticator is Zoho OneAuth's in-built two-factor authentication (TFA) module. You can use the OTP authenticator to secure your business and social accounts like Google, Microsoft, or Facebook. You can also use the OTP ...
                                                                                          • Secure non-Zoho accounts using OneAuth's OTP authenticator

                                                                                            Note : This article explains how you can use OneAuth to secure your non-Zoho accounts. If you want to secure your Zoho account using OneAuth, check out the article Set up OneAuth for your Zoho account. Using OneAuth's OTP authenticator, you can ...
                                                                                          Wherever you are is as good as
                                                                                          your workplace



                                                                                            Watch comprehensive videos on features and other important topics that will help you master Zoho CRM.


                                                                                            Download free eBooks and access a range of topics to get deeper insight on successfully using Zoho CRM.


                                                                                            Sign up for our webinars and learn the Zoho CRM basics, from customization to sales force automation and more.

                                                                                            CRM Tips

                                                                                            Make the most of Zoho CRM with these useful tips.

                                                                                              Zoho Show Resources