Multi-factor authentication

Multi-factor authentication


You can add an extra layer of security by enabling Multi-factor authentication (MFA) for users in your organization. MFA is a security process in which the user provides different authentication factors to verify who they are. Various authentication modes such as SMS, time-based OTP, Touch ID, YubiKey or QR code can be set up according to your preference.

When you enable MFA, all your future sign-ins will require you to verify your identity to ensure that your account isn't accessed by unknown users. You can also enable an MFA mode for your account. For example, if you enable SMS-based OTP, an OTP will be sent to your mobile number, which then needs to be entered when you sign in, thus ensuring that your account stays protected.

Steps  

How to set up multi-factor authentication?  

  • Go to Settings > Security & Compliance > Multi-factor Authentication  

  • Click on the link Zoho Directory.  




  • Enter your Company Name and Portal Name and click on CREATE ACCOUNT.




  • Now go to Security > Security Policies and click on Getting Started.



  • Open the Multi-Factor Authentication tab under Default policy and click Setup .




  • Select the authentication modes of your choice, enter the number of days for MFA lifetime and click Update Policy.



    To know more about the authentication modes, MFA lifetime and backup recovery codes, you can refer to this article.

  • Once enforced, additional verification such as SMS, OTP, etc, will be required for further logins.


How to activate MFA for newly added technicians in the organization?


If you have added a new technician in your Lens organization, you can invite them to have a MFA set up by following the below steps.

  • Go to Settings and choose Multi-factor Authentication below Security & Compliance.

  • Click on MANAGE.




  • Navigate to the tab Users. The users who have been newly added to your Lens organization will be listed as Not invited yet.



  • To add them to your Zoho Directory account, hover over the specified user and click the Send invitation button. 

  • An invite mail will be sent to the user. Once the user clicks Confirm now and accepts the invitation, it will activate the MFA for that user.


How to reset lost or forgotten passwords for users? 

 

If you are the Admin of the organization, you can reset the user's password by following the steps below.


  1. Go to the Users tab in Zoho Directory, select the required users and click Reset Password.



  2. Enter a password manually or use the Generate password option. Enable 'Email the new password to the users' option and click Reset.



  3. A mail will be sent to the particular user containing the new password.

  4. Once reset, the new password should be used for further logins.