What is a security key?
Security key is a hardware device that can be used to enable multi-factor authentication (MFA). They don't require a battery to function and need no software installation to authenticate your accounts.
How security keys work?
First, you will have to register your security key with your Zoho account. After registering, when you try to sign in to your account, you will be prompted to verify using your security key. When prompted, you will either need to insert the security key on to your device's port and tap its disc, or connect via NFC to verify. Once verification is complete, you will be signed in to your account.
Security key in Zoho: Points to note
-
Zoho supports both FIDO U2F and FIDO2-based security key.
-
You can register multiple security keys for your Zoho account, and use anyone of them to sign in.
-
You can also register the same security key with multiple Zoho accounts and use it to sign in to them.
-
You can also sign in to your mobile devices by connecting your security key through the device's port or through NFC.
Supported devices
FIDO U2F and FIDO2-based security keys are supported in Zoho.
Supported browser and their versions
The following browsers support security key for signing in to Zoho.
Supported browsers
|
Supported versions
|
Mozilla Firefox
|
60 and above
|
Google Chrome
|
67 and above
|
Safari
|
13 and above
|
Microsoft Edge
|
18 and above
|
Opera
|
54 and above
|
In mobile devices
|
|
Safari on iOS
|
13 and above
|
Opera mobile
|
64
|
Chrome for Android
|
102
|
Firefox for Android
|
101
|
If your try signing in using security key from an unsupported browser, an error will be shown stating that the browser is not supported.
How to register a security key with Zoho account?
Requirements
-
A FIDO U2F or FIDO2-based security key
-
A supported browser and device
Steps to register
-
Sign in at
accounts.zoho.com.
-
Click
Multi-Factor Authentication
in the left menu.
-
Click
Set up Now
under Security key.
-
If you are registering on a computer:
-
Insert it into the USB port of your computer.
-
Click
Next
.
-
Wait for the security key to blink, then tap its disc.
If you are registering on a mobile device, you can connect your security key either through the device's port or through NFC.
- Insert the device port into the device port, or tap it against the NFC detection area on your device.
- If you are prompted for a PIN, enter your security key's FIDO2 PIN.
-
Name your security key, then click
Configure
.
-
Sign out of your Zoho Account and sign in back to confirm that security key authentication is enabled.
Using these steps, you can configure multiple security keys for your account.
How to set security key as primary MFA mode?
If you have configured multiple MFA modes for your account, you can set one of them as your primary MFA mode. When you try to sign in, your primary mode will be the default mode for authentication.
To set security key as primary MFA mode:
-
Sign in at
accounts.zoho.com
.
-
Click
Multi-Factor Authentication
in the left menu.
-
Click
MAKE PRIMARY
next to security key.
-
Click
Confirm
.
How to sign in using security key?
If security key is your primary MFA mode, follow the steps to sign in:
-
Go to the
Zoho sign-in page
.
-
Enter your email address, then click
NEXT
.
-
Enter your password, then click
SIGN IN
.
-
If you are signing in on a computer:
-
Insert it into the USB port of your computer.
-
Click
Next
.
-
Wait for the security key to blink, then tap its disc.
If you are signing in on a mobile device, you can connect your security key either via device's port or through NFC. Follow the on-screen instructions to connect and authenticate.
Note
: If you are using a mail client, you may have issues signing in to it once you enable MFA (in most cases, "incorrect password" error will be shown). This is because your mail client doesn't support MFA. In this case, you can use
application-specific passwords
to bypass MFA and sign in to your mail client.
How to recover account if security key is not accessible?
If you can't sign in to your account due to issues with your security key, then you can recover access to your account using your previously-generated
backup verification codes
.
- Contact our support team
Contact our support team at support@zohoaccounts.com. We will gather some details from you to verify your identity. - Use the one-time backup code to sign in
After your identity is verified, you'll be given a backup verification code. Use this code to regain access to your account.
- Go to accounts.zoho.com.
- Enter your username and password (or use other sign-in options).
- When you are asked to verify using MFA, click Problem signing in? or Can’t access your device?.
- Select the option to enter the backup verification code.
- Enter the code provided to sign in.
- After signing in, you'll be shown a page from where you can generate and save a new set of backup codes. Make sure you save them securely so you can use them if you encounter this issue in the future.
- Reconfigure MFA
Once you’ve got access to your account, you need to reconfigure MFA. - Click Multi-factor authentication in the left menu of the account's home page.
- In the Multi-factor authentication section, reconfigure the security key or configure other MFA modes such as OneAuth or OTP authenticator.
Related articles
-
How to use application passwords for mail clients
-
How to disable/re-enable MFA
-
MFA: Frequently asked questions
-
MFA: Troubleshooting