Secure Online Accounts Via OneAuth | OneAuth - Help

Secure non-Zoho accounts using OneAuth's OTP authenticator

Note : This article explains how you can use OneAuth to secure your non-Zoho accounts. If you want to secure your Zoho account using OneAuth, check out the article Set up OneAuth for your Zoho account.
Using OneAuth's OTP authenticator, you can secure your non-Zoho accounts such as Google, Facebook, and Microsoft (via two factor verification). Once you have configured OneAuth as an OTP authenticator for your online third-party accounts, OneAuth will generate OTP codes that you can use to sign in to those accounts.

OneAuth's OTP authenticator has the following features:
  1. Two factor verification for all your online accounts
  2. Secure backup of OTP secrets to Zoho Cloud
  3. Easy restoration of OTP secrets to new devices

How to secure an online account using OneAuth

To secure an online account, you need to get an OTP secret from that account and use it to add that account in OneAuth. This OTP secret will be used by OneAuth to generate OTPs, which in turn can be used to sign in to that online account.
                                                  OTP secret                                  OTPs
Online account settings ----------------------> OneAuth --------------------> For two-factor verification

Step 1: Get OTP secret (generic instructions)
  1. Go to the security settings of the online account you want to secure.
  2. Find the option to enable two-factor verification.
  3. Select the OTP authenticator option.
  4. A QR code/secret key will be displayed.
Info : Help links for getting the OTP secret in Facebook | Google | Twitter | LinkedIn | Microsoft

Step 2: Add the online account in OneAuth
  1. Download and install OneAuth on your device.
  2. Open OneAuth and tap GUEST. If you have a Zoho account, sign in with it instead.
  3. Go to the Authenticator tab.
  4. Tap Add now.
  5. Tap Scan a QR secret, allow access to the phone camera when prompted, then scan the QR code displayed on the online account's page. If you have trouble scanning the QR code, choose the Enter secret manually option instead, and enter the following details:
    1. Issuer Name    : Name of the online account you want to secure (e.g., Facebook, Google)
    2. Name               : Your username in that account (i.e., the one which you use to sign in)
    3. Secret              : The 15-digit secret displayed on your online account's page.
  6. Your account will be added and OTP will be displayed.
  7. Enter this OTP when prompted by your online account's settings page.
Once you have set up OneAuth with your online account and enabled TFA, you can use the OTP
displayed in OneAuth to verify yourself whenever you want to sign in to that account.

To set up TFA for more accounts, tap  in the top-right corner.

Back up and restore OTP secrets

In OneAuth, you can securely back up all your OTP secrets to Zoho Cloud and restore them whenever you need.

The reasons why you should back up the OTP secrets are:

  1. The OTP secrets are unique to each online account you have. OneAuth uses these secrets to generate OTPs for your two-factor verification needs. If you lose access to the device in which OneAuth was installed, these secrets will be lost and you will not be able to access any of the online accounts you have secured with OneAuth.
  1. The backup feature allows you to synchronize these secrets with multiple devices. You can set up secondary OneAuth devices, and use whichever is available to you.

What is required to back up OTP secrets?

  1. (1) A Zoho account
    You will need to create a Zoho account to store the secrets. All your OTP secrets will be encrypted and backed up in this account. You can use this account to restore the stored secrets to new devices.
  1. (2) Passphrase:
    You will need to set up a passphrase when backing up your secrets. This passphrase will be used to encrypt your OTP secrets and then these secrets will be stored in your account. When you want to restore your secrets to a new device, you will be asked to enter this passphrase. The reason for this encryption is to make sure that your OTP secrets are stored securely and not accessed by anyone (including Zoho). You should note that only the encrypted secrets will be stored by Zoho and not the passphrase. If you forget the passphrase, you will not be able to restore your secrets.

How to back up OTP secrets?

First, create a Zoho account by going to the Upgrade tab, then tap Create a free Zoho Account. If you already have a Zoho account, sign in with it instead.

After you have signed in, follow the steps below to backup your secrets:
  1. Open OneAuth on your mobile device.
  2. Go to the Authenticator tab, then tap Backup Secrets.
  3. You will be asked to set up a passphrase. Tap SET UP.
  4. Enter a passphrase of your choice, then tap Next.
  5. Re-enter the passphrase, then tap Done.
When you add new online accounts to OneAuth, their secrets will be backed up at regular intervals automatically. To manually back up your secrets, pull down from the top in Authenticator tab.

How to restore OTP secrets?

  1. Install OneAuth on your new device and sign in with your Zoho account.
  2. Go to the Authenticator tab.
  3. Tap Restore Secrets. You will be asked to enter your passphrase.
  4. Enter the passphrase, then tap RESTORE.
Once you tap RESTORE, all the previously backed up and encrypted secrets will be decrypted using your passphrase and will be restored to your current device from the cloud.

How to change passphrase?

Important note:
For security reasons, when you change your passphrase:
  1. All the previously backed up secrets will be deleted from Zoho Cloud. They will not be deleted from the device you're currently using to change the passphrase.
  2. The current secrets present in the device on which you change the passphrase will be backed up fresh to Zoho Cloud.
Make sure you change your passphrase from the device which has all the required secrets, because only the secrets present on that device will be backed up and the rest present on other devices will be deleted permanently.

To change passphrase:
  1. Open OneAuth on your mobile device.
  2. Go to the Settings tab, then tap Recovery.
  3. Tap Edit below the passphrase.
  4. Enter a new passphrase, then tap Next.
  5. Re-enter the passphrase, then tap Done.

Export and import accounts

Note: You can only export and import accounts in the OneAuth app, and not from any other authenticator apps.

If you are a signed-in user and have already backed up your OTP accounts, you can use the passphrase to restore them. If you haven't backed up your OTP accounts, but have your old device in hand, you can back up the accounts from your old device and restore them to your new device. Click here for the steps to back up and restore accounts.

If you do not want to back up and restore accounts, you can export the OTP accounts from your old device and import them to your new device. You can do this even if you're not signed in to OneAuth or connected to the internet. 

Info: However, it is recommended to backup and restore accounts. See why.

Step 1: Export the accounts from your old device:

  1. Open OneAuth and go to the Authenticator  tab.
  2. Tap  , then tap Export.
  3. Select the accounts that you want to export, then tap Export. Depending on the number of OTP accounts, one or more QR codes will be displayed. A verification code will also be displayed. If there are multiple QR codes, the verification code will be displayed below the last QR code.

Step 2: Import the accounts to your new device:

  1. Install OneAuth on your new device.
  2. Go to the Authenticator  tab.
  3. Tap , then tap Import. Instructions to import will be shown.
  4. Tap Scan QR.
  5. Scan the QR code displayed on your old mobile device. 
  6. To complete the import, enter the verification code that is displayed on your old device. If there are multiple QR codes, the verification code will be displayed below the last QR code.


  1. How to add secondary devices?
  2. How to recover OneAuth if you lose access to it?

    Zoho CRM Training Programs

    Learn how to use the best tools for sales force automation and better customer engagement from Zoho's implementation specialists.

    Zoho CRM Training
      Redefine the way you work
      with Zoho Workplace

        Zoho DataPrep Personalized Demo

        If you'd like a personalized walk-through of our data preparation tool, please request a demo and we'll be happy to show you how to get the best out of Zoho DataPrep.

        Zoho CRM Training

          Create, share, and deliver

          beautiful slides from anywhere.

          Get Started Now

            Zoho Sign now offers specialized one-on-one training for both administrators and developers.

            BOOK A SESSION

                                      You are currently viewing the help pages of Qntrl’s earlier version. Click here to view our latest version—Qntrl 3.0's help articles.

                                          Manage your brands on social media

                                            Zoho Desk Resources

                                            • Desk Community Learning Series

                                            • Digest

                                            • Functions

                                            • Meetups

                                            • Kbase

                                            • Resources

                                            • Glossary

                                            • Desk Marketplace

                                            • MVP Corner

                                            • Word of the Day

                                              Zoho Marketing Automation

                                                Zoho Sheet Resources


                                                    Zoho Forms Resources

                                                      Secure your business
                                                      communication with Zoho Mail

                                                      Mail on the move with
                                                      Zoho Mail mobile application

                                                        Stay on top of your schedule
                                                        at all times

                                                        Carry your calendar with you
                                                        Anytime, anywhere

                                                              Zoho Sign Resources

                                                                Sign, Paperless!

                                                                Sign and send business documents on the go!

                                                                Get Started Now

                                                                        Zoho TeamInbox Resources

                                                                                Zoho DataPrep Resources

                                                                                  Zoho DataPrep Demo

                                                                                  Get a personalized demo or POC

                                                                                  REGISTER NOW

                                                                                    Design. Discuss. Deliver.

                                                                                    Create visually engaging stories with Zoho Show.

                                                                                    Get Started Now

                                                                                                        • Related Articles

                                                                                                        • What is an OTP authenticator in Zoho OneAuth?

                                                                                                          One-time Passcode (OTP) authenticator is Zoho OneAuth's in-built two-factor authentication (TFA) module. You can use the OTP authenticator to secure your business and social accounts like Google, Microsoft, or Facebook. You can also use the OTP ...
                                                                                                        • Backup and sync 2FA accounts

                                                                                                          In OneAuth, you can securely back up all your 2FA accounts to Zoho Cloud and restore them whenever you need. The reasons why you should back up the 2FA accounts are: 2FA secrets (secret key that you used to add the 2FA account in OneAuth)are unique ...
                                                                                                        • OneAuth 3.0: Enhanced encryption & sync logic of OTP secret keys

                                                                                                          The need for encrypting OTP secret keys In OneAuth, you can back up your OTP secret keys with Zoho Cloud to have them synced across all your devices and to restore them whenever needed. More about backup and sync Info: "Secret key" refers to the ...
                                                                                                        • OneAuth

                                                                                                          Zoho's OneAuth is a multi-factor authentication (MFA) app designed to secure your Zoho accounts as well as other third-party accounts. The key features of OneAuth include the following: Passwordless sign-in allows you to sign in to your account ...
                                                                                                        • Getting started with OneAuth

                                                                                                          What is OneAuth? OneAuth is a free industry-standard multi-factor authentication (MFA) app developed by Zoho for securing your Zoho accounts and social accounts such as Google, Facebook, and Twitter. Configuring MFA for your online accounts will ...
                                                                                                          Wherever you are is as good as
                                                                                                          your workplace



                                                                                                            Watch comprehensive videos on features and other important topics that will help you master Zoho CRM.


                                                                                                            Download free eBooks and access a range of topics to get deeper insight on successfully using Zoho CRM.


                                                                                                            Sign up for our webinars and learn the Zoho CRM basics, from customization to sales force automation and more.

                                                                                                            CRM Tips

                                                                                                            Make the most of Zoho CRM with these useful tips.

                                                                                                              Zoho Show Resources