What is a 2FA secret?
A 2FA (Two-Factor Authentication) secret is a unique alphanumeric code that is shared as a QR code or a secret key, generated by an online service (such as email accounts, social media platforms, cloud services, or financial apps) when you enable two-step verification for your account.
How does Zoho OneAuth use the 2FA secret?
In the Zoho OneAuth app, you can add your online 2FA (non-Zoho) accounts by scanning a QR code, uploading a QR code, or entering the secret key manually. This securely links your online 2FA account with OneAuth.
Once linked, OneAuth uses the 2FA secret to generate a time-based one-time password (TOTP). These codes are usually 6 digits in length, but some services may use 7 or 8 digits, all of which are supported by OneAuth. These codes refresh automatically at regular intervals and are required when you sign in to your account.