Set up MFA for Zoho account
Info: This article explains the working of OneAuth and how you can set it up to secure your Zoho account. If you don't have a Zoho account, but want to secure your other non-Zoho accounts, check out OneAuth's OTP Authenticator.
How OneAuth works
Zoho OneAuth offers a three-step authentication flow to secure and improve the sign-in experience for its users. After you enter your username, you will need to verify yourself using the following steps:
- Enter your password.
- Verify your identity using one of three sign-in modes available in OneAuth.
- Verify your identity using your biometric data such as your finger print or facial recognition data.
Info: You can also choose to skip the password step using the passwordless sign-in feature.
OneAuth sign-in modes
OneAuth offers three sign-in modes to verify yourself. You can set one of these as your preferred sign-in mode, and the other two will be set as alternate verification modes. When signing in to your Zoho account, you will be prompted to verify using the preferred sign-in mode, but you can always switch to an alternate verification mode by clicking Sign in another way on your sign-in page.
Sign-in mode | How it works | Online/Offline |
Push notification | A push notification will be sent to your mobile device when you try to sign in. You will need to accept it to verify yourself. | Requires Internet |
Time-based OTP | In the sign-in page, you will need to enter a verification code that your OneAuth apps generates (for every 30 seconds) to verify yourself. | Works offline |
QR code | In the sign-in page, you will need to scan a QR code using the scanner in your OneAuth app to verify yourself. | Requires Internet |
Biometric verification
In addition to the sign-in modes of OneAuth, you can also set up another layer of verification using your biometrics (provided that your device supports it). You can configure either Face ID or Touch ID for verification.
Passwordless sign-in
OneAuth also offers a way for you to sign in without using a password. With passwordless sign-in, the first step of entering your password will be skipped. Your preferred sign-in mode and biometric data will act as the first and second steps of verification.
- Regular MFA sign-in:
Username ----> Password ---> MFA mode ----> Access
- Passwordless sign-in using OneAuth:
Username ----> Preferred sign-in mode ----> Biometrics (optional) ----> Access
You can enable passwordless sign-in when configuring MFA in OneAuth.
For a seamless sign-in experience, we recommend the combination of Passwordless sign-in + Push notification mode + Biometric verification.
How to sign in without password:
First, set up OneAuth on your mobile device and make sure to enable Passwordless sign-in.
Once you have set up passwordless sign-in, you can sign in using the following steps:
- Go to the Zoho Accounts sign-in page.
- Enter your username, then click Next.
- Open OneAuth on your mobile device, and verify your identity using your preferred sign-in mode to sign in.
Note: If you have set Push Notification as your preferred sign-in mode, you will need to verify your identity using random number verification. After you enter your username, a random number will be displayed on the sign-in page. You have to open the push notification sent to your mobile device and tap on the correct number to sign in.
Setting up OneAuth
Prerequisites
- Must have a Zoho account
- Must have a supported browser (Google Chrome or Safari browser) installed in you mobile phone
Note: If you are part of an organization, your organization admin may have enforced MFA-related security policies. In that case, some MFA and recovery options may not be available to you.
A. Install OneAuth and enable MFA
- Download and Install the latest version of OneAuth (from Appstore/ Playstore).
- Open OneAuth and tap SIGN IN.
- Sign in with your Zoho credentials.
- Tap either Go Passwordless or Keep using Password.
- In the Authentication Summary page, tap Enable MFA.
B. Configure MFA
Once you have enabled MFA using OneAuth, you can configure MFA as per your requirements.
- In the MFA tab, tap
.
- If you want to sign in without entering the password, enable Passwordless sign in.
- Select your Preferred sign-in mode, then click Done.
- If you want to add another layer of biometric verification, enable Fingerprint authorization/ Face ID authorization.
C. Configure recovery mode
Configuring recovery modes will help you avoid getting locked out of your account, incase you lose your mobile device or lose access to OneAuth in some way.
- Go to the Settings tab.
- Tap Recovery.
- Configure your preferred recovery modes:
D. Set OneAuth as your primary MFA mode
If you have multiple MFA modes configured, you can set OneAuth as your primary MFA mode using the steps below:
- Go to accounts.zoho.com.
- Click Multi-Factor Authentication in the left menu.
- Click Make Primary next to OneAuth.
Note: If you haven't configured any other MFA mode, OneAuth will be set as the primary mode by default.
Learn more about OneAuth
Access your files securely from anywhere
Zoho CRM Training Programs
Learn how to use the best tools for sales force automation and better customer engagement from Zoho's implementation specialists.
Zoho DataPrep Personalized Demo
If you'd like a personalized walk-through of our data preparation tool, please request a demo and we'll be happy to show you how to get the best out of Zoho DataPrep.
- Zoho Workerly Home
- Forums
- Connect With Us:
- Zoho Recruit Home
- Forums
- Connect With Us:
New to Zoho Writer?
Create. Review. Publish.
New to Zoho CRM Plus?
Deliver unforgettable customer experiences
New to Zoho CRM Plus?
Deliver unforgettable customer experiences
New to Zoho Marketing Plus?
Everything you need to run your marketing
New to Zoho Marketing Plus?
Everything you need to run your marketing
You are currently viewing the help pages of Qntrl’s earlier version. Click here to view our latest version—Qntrl 3.0's help articles.
New to Zoho Survey?
Zoho Sheet Resources
Zoho Forms Resources
New to Zoho Sign?
Zoho Sign Resources
Sign, Paperless!
New to Zoho TeamInbox?
Zoho TeamInbox Resources
New to Zoho ZeptoMail?
Design. Discuss. Deliver.
New to Zoho Workerly?
New to Zoho Recruit?
New to Zoho CRM?
New to Zoho Projects?
New to Zoho Sprints?
New to Zoho Assist?
New to Bigin?
Related Articles
Recover OneAuth account
Zoho OneAuth offers a secure way to sign in to your Zoho account and other 2FA supported online accounts. However, there may be instances where you could get locked out of your OneAuth account, such as: You uninstalled OneAuth from your device ...Use Alternate Sign-in Modes
If you're facing network issues that prevent you from receiving push notifications or scanning a QR code, OneAuth offers alternative sign-in methods. You can still verify your identity using time-based OTP (TOTP) or by scanning the MFA or Smart ...Smart Sign-in using OneAuth
Smart Sign-in is a secure and seamless way to sign in to your Zoho account by scanning a QR code using Zoho's Authenticator app, OneAuth. You need not type in your username or password manually. Prerequisites You need OneAuth installed on your mobile ...OneAuth
Zoho's OneAuth is a multi-factor authentication (MFA) app designed to secure your Zoho accounts as well as other third-party accounts. The key features of OneAuth include the following: Passwordless sign-in allows you to sign in to your account ...Get Started with OneAuth
What is OneAuth? OneAuth is a free industry-standard multi-factor authentication (MFA) app developed by Zoho for securing your Zoho accounts and social accounts such as Google, Facebook, and Twitter. Configuring MFA for your online accounts will ...
New to Zoho LandingPage?
Zoho LandingPage Resources