Info: This article explains how OneAuth works and how you can set it up to secure your Zoho account. If you don't have a Zoho account but want to secure your other non-Zoho accounts, check out OneAuth's OTP Authenticator.
How OneAuth works
Zoho OneAuth offers a three-step authentication flow to secure and improve the sign-in experience for its users. After you enter your username, you will need to verify yourself using the following steps:
- Enter your password.
- Verify your identity using one of the three sign-in modes available in OneAuth.
- Verify your identity using your biometric data, such as your fingerprint or facial recognition data.
OneAuth sign-in modes
OneAuth offers three sign-in modes to verify yourself. You can set one of these as your preferred sign-in mode, and the other two will be set as alternate verification modes. When signing in to your Zoho account, you will be prompted to verify using the preferred sign-in mode, but you can always switch to an alternate verification mode by clicking Sign in another way on your sign-in page.
How it works
A push notification will be sent to your mobile device when you try to sign in. You will need to accept it to verify yourself.
On the sign-in page, you will need to enter a verification code that your OneAuth app generates (a new code every 30 seconds) to verify yourself.
On the sign-in page, you will need to scan a QR code using the scanner in your OneAuth app to verify yourself.
In addition to the sign-in modes of OneAuth, you can also set up another layer of verification using your biometrics (provided that your device supports it). You can configure either Face ID or Touch ID for verification.
OneAuth also offers a way for you to sign in without using a password. With passwordless sign-in, the first step of entering your password will be skipped. Your preferred sign-in mode and biometric data will act as the first and second steps of verification.
For a seamless sign-in experience, we recommend the combination of Passwordless sign-in + Push notification mode + Biometric verification.
Setting up OneAuth
- Must have a Zoho account
- Must have a supported browser (Google Chrome or Safari) installed on your mobile phone
Note: If you are part of an organization, your organization admin may have enforced MFA-related security policies. In that case, some MFA and recovery options may not be available to you.
A. Install OneAuth and enable MFA
- Download and install the latest version of OneAuth (from the App Store/Play Store).
- Open OneAuth and tap SIGN IN.
- Sign in with your Zoho credentials.
- Tap either Go Passwordless or Keep using Password.
- On the Authentication Summary page, tap Enable MFA.
B. Configure MFA
Once you have enabled MFA using OneAuth, you can configure MFA as per your requirements.
- In the MFA tab, tap .
- If you want to sign in without entering the password, enable Passwordless sign in.
- Select your Preferred sign-in mode, then click Done.
- If you want to add another layer of biometric verification, enable Fingerprint authorization/Face ID authorization.
C. Configure recovery mode
Configuring recovery modes will help you avoid getting locked out of your account in case you lose your mobile device or lose access to OneAuth in some other way.
- Go to the Settings tab.
- Tap Recovery.
- Configure your preferred recovery modes:
  - Backup mobile number
  - Backup verification codes
D. Set OneAuth as your primary MFA mode
If you have multiple MFA modes configured, you can set OneAuth as your primary MFA mode using the steps below:
- Go to accounts.zoho.com.
- Click Multi-Factor Authentication in the left menu.
- Click Make Primary next to OneAuth.
Note: If you haven't configured any other MFA mode, OneAuth will be set as the primary mode by default.
Learn more about OneAuth
- Alternate verification
- OneAuth's OTP authenticator
- Recovering OneAuth