In OneAuth, you can securely back up all your 2FA accounts to Zoho Cloud and restore them whenever you need.
The reasons why you should back up the 2FA accounts are:
- 2FA secrets (secret key that you used to add the 2FA account in OneAuth)are unique to each 2FA account you have. OneAuth uses these secrets to generate OTPs for your two step verification needs. If you lose access to the device in which OneAuth is installed and no 2FA accounts (with secret keys) are backed up, these accounts will be lost and you will not be able to access any of these 2FA accounts with OneAuth.
- The backup feature allows you to synchronize the accounts with multiple devices. You can set up secondary OneAuth devices, and use whichever is available to you.
What is required to back up 2FA accounts?
(1) A Zoho account:
You will need to create a Zoho account to store the 2FA accounts (2FA secrets and other account details). All the secrets in 2FA accounts will be encrypted. The 2FA accounts are backed up in this Zoho account. You can use this account to restore the stored 2FA accounts to new devices.
(2) Passphrase:
You will need to set up a passphrase when backing up your 2FA accounts. This passphrase will be used to encrypt your 2FA secrets .The 2FA accounts will be stored in your Zoho account. When you want to restore your 2FA accounts to a new device, you will be asked to enter this passphrase. The reason for this encryption is to make sure that your 2FA accounts are stored securely and can't be accessed by anyone (including Zoho). You should note that only the 2FA accounts will be stored by Zoho and not the passphrase. If you forget the passphrase, you will not be able to restore your 2FA accounts.
How to back up 2FA accounts?
First, create a Zoho account by going to the Upgrade tab, then tap Create Zoho Account. If you already have a Zoho account, sign in with it instead.
After you have signed in, follow the steps below to backup your 2FA accounts:
- Open OneAuth on your mobile device.
- Go to the Authenticator tab, then tap Backup Secrets.
- You will be asked to set up a passphrase. Tap SET UP.
- Enter a passphrase of your choice, then tap Next.
- Re-enter the passphrase, then tap Done.
When you add new online accounts to OneAuth, their 2FA accounts will be backed up at regular intervals automatically. To manually back up your 2FA accounts , pull down from the top in Authenticator tab.
How to restore 2FA accounts?
- Install OneAuth on your new device and sign in with your Zoho account.
- If you already have OneAuth installed and signed in, close and reopen the app to continue.
- Alternatively, tap Settings in the bottom tray, then tap Refresh App under SECURITY & PRIVACY (this option works only with OneAuth version 3.3 or above).
- Go to the Authenticator tab.
- Tap Restore Secrets. You will be asked to enter your passphrase.
- Enter the passphrase, then tap RESTORE.
Once you tap RESTORE, all the previously backed up 2FA accounts will be restored to your current device from the cloud. This is performed by decrypting the 2FA secrets using your passphrase.
How to change passphrase?
Important note:
For security reasons, when you change your passphrase:
> All the previously backed up 2FA accounts will be deleted from Zoho Cloud. They will not be deleted from the device you're currently using to change the passphrase.
> The current secrets present in the device on which you change the passphrase will be backed up fresh to Zoho Cloud.
Make sure you change your passphrase from the device which has all the required 2FA accounts, because only the 2FA accounts present on that device will be backed up and the rest present on other devices will be deleted permanently.
- Open OneAuth on your mobile device.
- Go to the Settings tab, then tap Recovery.
- Tap Edit below the passphrase.
- Enter a new passphrase, then tap Next.
- Re-enter the passphrase, then tap Done.