Secure Online Accounts Via OneAuth | OneAuth - Help

Secure non-Zoho accounts using OneAuth's OTP authenticator

Note : This article explains how you can use OneAuth to secure your non-Zoho accounts. If you want to secure your Zoho account using OneAuth, check out the article Set up OneAuth for your Zoho account.
Using OneAuth's OTP authenticator, you can secure your non-Zoho accounts such as Google, Facebook, and Microsoft (via two factor verification). Once you have configured OneAuth as an OTP authenticator for your online third-party accounts, OneAuth will generate OTP codes that you can use to sign in to those accounts.

OneAuth's OTP authenticator has the following features:
  1. Two factor verification for all your online accounts
  2. Secure backup of OTP secrets to Zoho Cloud
  3. Easy restoration of OTP secrets to new devices

How to secure an online account using OneAuth

To secure an online account, you need to get an OTP secret from that account and use it to add that account in OneAuth. This OTP secret will be used by OneAuth to generate OTPs, which in turn can be used to sign in to that online account.
                                                  OTP secret                                  OTPs
Online account settings ----------------------> OneAuth --------------------> For two-factor verification

Step 1: Get OTP secret (generic instructions)
  1. Go to the security settings of the online account you want to secure.
  2. Find the option to enable two-factor verification.
  3. Select the OTP authenticator option.
  4. A QR code/secret key will be displayed.
Info : Help links for getting the OTP secret in Facebook | Google | Twitter | LinkedIn | Microsoft

Step 2: Add the online account in OneAuth
  1. Download and install OneAuth on your device.
  2. Open OneAuth and tap GUEST. If you have a Zoho account, sign in with it instead.
  3. Go to the Authenticator tab.
  4. Tap Add now.
  5. Tap Scan a QR secret, allow access to the phone camera when prompted, then scan the QR code displayed on the online account's page. If you have trouble scanning the QR code, choose the Enter secret manually option instead, and enter the following details:
    1. Issuer Name    : Name of the online account you want to secure (e.g., Facebook, Google)
    2. Name               : Your username in that account (i.e., the one which you use to sign in)
    3. Secret              : The 15-digit secret displayed on your online account's page.
  6. Your account will be added and OTP will be displayed.
  7. Enter this OTP when prompted by your online account's settings page.
Once you have set up OneAuth with your online account and enabled TFA, you can use the OTP
displayed in OneAuth to verify yourself whenever you want to sign in to that account.

To set up TFA for more accounts, tap  in the top-right corner.

Back up and restore OTP secrets

In OneAuth, you can securely back up all your OTP secrets to Zoho Cloud and restore them whenever you need.

The reasons why you should back up the OTP secrets are:

  1. The OTP secrets are unique to each online account you have. OneAuth uses these secrets to generate OTPs for your two-factor verification needs. If you lose access to the device in which OneAuth was installed, these secrets will be lost and you will not be able to access any of the online accounts you have secured with OneAuth.
  1. The backup feature allows you to synchronize these secrets with multiple devices. You can set up secondary OneAuth devices, and use whichever is available to you.

What is required to back up OTP secrets?

  1. (1) A Zoho account
    You will need to create a Zoho account to store the secrets. All your OTP secrets will be encrypted and backed up in this account. You can use this account to restore the stored secrets to new devices.
  1. (2) Passphrase:
    You will need to set up a passphrase when backing up your secrets. This passphrase will be used to encrypt your OTP secrets and then these secrets will be stored in your account. When you want to restore your secrets to a new device, you will be asked to enter this passphrase. The reason for this encryption is to make sure that your OTP secrets are stored securely and not accessed by anyone (including Zoho). You should note that only the encrypted secrets will be stored by Zoho and not the passphrase. If you forget the passphrase, you will not be able to restore your secrets.

How to back up OTP secrets?

First, create a Zoho account by going to the Upgrade tab, then tap Create a free Zoho Account. If you already have a Zoho account, sign in with it instead.

After you have signed in, follow the steps below to backup your secrets:
  1. Open OneAuth on your mobile device.
  2. Go to the Authenticator tab, then tap Backup Secrets.
  3. You will be asked to set up a passphrase. Tap SET UP.
  4. Enter a passphrase of your choice, then tap Next.
  5. Re-enter the passphrase, then tap Done.
When you add new online accounts to OneAuth, their secrets will be backed up at regular intervals automatically. To manually back up your secrets, pull down from the top in Authenticator tab.

How to restore OTP secrets?

  1. Install OneAuth on your new device and sign in with your Zoho account.
  2. Go to the Authenticator tab.
  3. Tap Restore Secrets. You will be asked to enter your passphrase.
  4. Enter the passphrase, then tap RESTORE.
Once you tap RESTORE, all the previously backed up and encrypted secrets will be decrypted using your passphrase and will be restored to your current device from the cloud.

How to change passphrase?

Important note:
For security reasons, when you change your passphrase:
  1. All the previously backed up secrets will be deleted from Zoho Cloud. They will not be deleted from the device you're currently using to change the passphrase.
  2. The current secrets present in the device on which you change the passphrase will be backed up fresh to Zoho Cloud.
Make sure you change your passphrase from the device which has all the required secrets, because only the secrets present on that device will be backed up and the rest present on other devices will be deleted permanently.

To change passphrase:
  1. Open OneAuth on your mobile device.
  2. Go to the Settings tab, then tap Recovery.
  3. Tap Edit below the passphrase.
  4. Enter a new passphrase, then tap Next.
  5. Re-enter the passphrase, then tap Done.

Export and import accounts

Note: You can only export and import accounts in the OneAuth app, and not from any other authenticator apps.

If you are a signed-in user and have already backed up your OTP accounts, you can use the passphrase to restore them. If you haven't backed up your OTP accounts, but have your old device in hand, you can back up the accounts from your old device and restore them to your new device. Click here for the steps to back up and restore accounts.

If you do not want to back up and restore accounts, you can export the OTP accounts from your old device and import them to your new device. You can do this even if you're not signed in to OneAuth or connected to the internet. 

Info: However, it is recommended to backup and restore accounts. See why.

Step 1: Export the accounts from your old device:

  1. Open OneAuth and go to the Authenticator  tab.
  2. Tap  , then tap Export.
  3. Select the accounts that you want to export, then tap Export. Depending on the number of OTP accounts, one or more QR codes will be displayed. A verification code will also be displayed. If there are multiple QR codes, the verification code will be displayed below the last QR code.

Step 2: Import the accounts to your new device:

  1. Install OneAuth on your new device.
  2. Go to the Authenticator  tab.
  3. Tap , then tap Import. Instructions to import will be shown.
  4. Tap Scan QR.
  5. Scan the QR code displayed on your old mobile device. 
  6. To complete the import, enter the verification code that is displayed on your old device. If there are multiple QR codes, the verification code will be displayed below the last QR code.

More

  1. How to add secondary devices?
  2. How to recover OneAuth if you lose access to it?

    Zoho CRM Training Programs

    Learn how to use the best tools for sales force automation and better customer engagement from Zoho's implementation specialists.

    Zoho CRM Training
      Redefine the way you work
      with Zoho Workplace

        Zoho DataPrep Personalized Demo

        If you'd like a personalized walk-through of our data preparation tool, please request a demo and we'll be happy to show you how to get the best out of Zoho DataPrep.

        Zoho CRM Training

          Create, share, and deliver

          beautiful slides from anywhere.

          Get Started Now


            Get started with Zoho Sign

            in a few quick steps!

            Download Help Guide





                        Still can't find what you're looking for?

                        Write to us:  support@zohoforms.com


                              




                            

                          Zoho Marketing Automation

                            Zoho Sheet Resources

                             




                                Zoho Forms Resources


                                  Secure your business
                                  communication with Zoho Mail


                                  Mail on the move with
                                  Zoho Mail mobile application

                                    Stay on top of your schedule
                                    at all times


                                    Carry your calendar with you
                                    Anytime, anywhere




                                          Zoho Sign Resources

                                            Sign, Paperless!

                                            Sign and send business documents on the go!

                                            Get Started Now


                                                Zoho SalesIQ Resources



                                                    Zoho TeamInbox Resources



                                                            Zoho DataPrep Resources



                                                              Zoho DataPrep Demo

                                                              Get a personalized demo or POC

                                                              REGISTER NOW


                                                                Design. Discuss. Deliver.

                                                                Create visually engaging stories with Zoho Show.

                                                                Get Started Now











                                                                                      • Related Articles

                                                                                      • What is an OTP authenticator in Zoho OneAuth?

                                                                                        One-time Passcode (OTP) authenticator is Zoho OneAuth's in-built two-factor authentication (TFA) module. You can use the OTP authenticator to secure your business and social accounts like Google, Microsoft, or Facebook. You can also use the OTP ...
                                                                                      • OneAuth

                                                                                        Zoho's OneAuth is a multi-factor authentication (MFA) app designed to secure your Zoho accounts as well as other third-party accounts.   The key features of OneAuth include the following: Passwordless sign-in allows you to sign in to your account ...
                                                                                      • Getting started with OneAuth

                                                                                        What is OneAuth? OneAuth is a free industry-standard multi-factor authentication (MFA) app developed by Zoho for securing your Zoho accounts and social accounts such as Google, Facebook, and Twitter. Configuring MFA for your online accounts will ...
                                                                                      • OneAuth features in macOS and Apple Watch

                                                                                        OneAuth is available for macOS . You can download it from the Mac App Store. You can also use OneAuth in your Apple Watch. OneAuth for macOS macOS-specific features Widget You can create widgets for the OneAuth app and view the OTP codes of selected ...
                                                                                      • Set up OneAuth for your Zoho account

                                                                                        Info: This article explains the working of OneAuth and how you can set it up to secure your Zoho account. If you don't have a Zoho account, but want to secure your other non-Zoho accounts, check out OneAuth's OTP Authenticator. How OneAuth works Zoho ...
                                                                                      Wherever you are is as good as
                                                                                      your workplace

                                                                                        Resources

                                                                                        Videos

                                                                                        Watch comprehensive videos on features and other important topics that will help you master Zoho CRM.



                                                                                        eBooks

                                                                                        Download free eBooks and access a range of topics to get deeper insight on successfully using Zoho CRM.



                                                                                        Webinars

                                                                                        Sign up for our webinars and learn the Zoho CRM basics, from customization to sales force automation and more.



                                                                                        CRM Tips

                                                                                        Make the most of Zoho CRM with these useful tips.



                                                                                          Zoho Show Resources