Get Started With OneAuth | OneAuth

Introduction to OneAuth

What is OneAuth?

OneAuth is a free multi-factor authentication (MFA) app developed by Zoho. Setting up MFA with OneAuth improves your account security by reducing the risk of unauthorized access. It helps secure:
  1. Your Zoho account
  2. Your online 2FA accounts, such as Google, Facebook, Twitter, and more

How OneAuth works

OneAuth for Zoho account
OneAuth for 2FA accounts
OneAuth for Zoho account
Zoho OneAuth uses a multi-step authentication flow to secure and streamline your sign-in experience. After entering your username, you will need to verify yourself through the following steps:
  1. Enter password
    By default, your account password is the first authentication factor.
    NotesYou can skip entering your password by enabling the passwordless sign-in feature. Once enabled, your preferred sign-in mode and biometric verification act as the first and second steps of authentication.
  2. Preferred sign-in mode
         Next, you verify your identity using one of the following sign-in modes:
    1. Push notification - A push notification is sent to your mobile device when you try to sign in. Approve the notification to verify your identity. Works online.
    2. Time-based OTP - Enter the time-based verification code generated by the OneAuth app. Works offline.
    3. QR code scan - Scan the QR code displayed on the sign-in page using the OneAuth scanner. Works online.
  3. Biometric verification
    If your device supports biometrics, you can add an extra layer of verification using:
    1. Face ID
    2. Touch ID
 Advantages:
    1. Mobile SSO: Access all Zoho mobile apps without repeated sign-ins.
    2. Multiple device sign-in: Sign in to your multiple devices and mark them as primary or secondary, so you always have a backup option to access and recover your Zoho account if needed.
    3. Easy backup and recovery: Set a passphrase, and generate backup verification codes to recover your account if you lose access to your device or your account.
    4. Manage multiple Zoho accounts: You can add, manage, and authenticate multiple accounts seamlessly within OneAuth.
    5. Manage passwords: Add and manage your application passwords using OneAuth's built-in password manager.

InfoTo secure your Zoho account using OneAuth, refer to the OneAuth setup guide for Zoho account to enable MFA and configure it on your device.
OneAuth for 2FA accounts
OneAuth 2FA authenticator tab allows you to add and manage your online 2FA accounts. After setting up an account, you can follow these steps:
  1. Add a 2FA account to OneAuth
    You can add an online 2FA account in either of the following ways:
    1. Scan the QR code shown on the service’s 2FA setup page
    2. Enter the secret key manually if no QR code is available
    3. Upload a QR image directly from your device's gallery
      Once added, OneAuth will then generate time-based OTPs for the account.
  2.  Organize your accounts
    After adding accounts, you can manage them by:
    1. Grouping accounts into folders
    2. Reordering accounts for easy access
    3. Removing accounts when they are no longer needed
  3. Use OTP to sign in
    When signing in to an online 2FA account, select the required 2FA account in OneAuth, and enter the 6-digit OTP displayed to complete verification.

    Advantages
    1. Cloud multi-device sync: Your 2FA account will securely sync to the cloud on every device where your OneAuth account is signed in.
    2. Guest mode support: You can add the online 2FA accounts and generate TOTPs without signing in. However, to backup and sync your 2FA accounts, sign in to your Zoho account.
    3. Backup & restore: You can restore all your 2FA accounts from the cloud using a passphrase.
    4. Export/import support: You can export your online 2FA accounts as a text file or secure file (JSON) then import them when switching devices or reinstalling OneAuth. This serves as an offline backup.
    5. Import from Google Authenticator: You can export all your 2FA accounts from Google Authenticator to OneAuth without reconfiguring each account individually.
Info
To secure your non-Zoho accounts with OneAuth, you can use OneAuth's 2FA Authenticator to set up MFA and generate time-based OTP codes for your online accounts.