Feature update: Advanced security settings

Feature update: Advanced security settings

We've previously written about how using security policies could be beneficial for admins. To enable you to better protect your organization, we've come up with a few additional settings for security policies in Zoho One that can be used to regulate your users' web sessions.

What are web sessions?

A web session refers to the period of time you stay signed in to your Zoho One account. You create a new web session every time you sign in to Zoho One (or any of its included apps), and this session exists until you sign out.

Why is session management important?

Although defining web sessions is easy, managing them isn't. As end users, we often create new web sessions (and forget them) without even realizing it. Today, everyone has at least two devices and uses at least two browsers (and a few in-app mobile browsers) in each of those devices. On top of this, we often use a friend or relative's device to type out a late-night email or reply to a colleague's message. Every time we sign in to our account on these various browsers, we end up creating concurrent web sessions. However, we rarely sign out of these sessions manually, resulting in unaccounted sessions.
These unaccounted sessions could expose your organization's data to insecure devices or software, and consequently to malicious parties.

How to use session management to mitigate these threats?

As an admin, you can now enforce a secure session management policy for your entire organization using these three settings:
  • Session lifetime
  • Idle session timeout
  • Concurrent sessions

Regulating session lifetime

Session lifetime refers to the maximum period of time a user can stay signed in on a browser or device before being forcefully signed out of it. If your session lifetime is set as 30 days, you'll be signed out 30 days after signing in to your account, even if it is on a browser or device that you use everyday.

Setting up idle session timeout

Idle session timeout refers to the maximum period of time users can sign in and stay inactive on a browser or device before being forcibly signed out of it. For example, assume your idle session timeout is set as three hours. If you spend more than three hours away from Zoho One, you'll be automatically signed out.

Limiting concurrent sessions

Concurrent sessions refer to multiple sessions present in different browsers or devices at the same time. For example, you might be signed in to your account on your laptop as well as your mobile at the same time. Or you might be signed in on two different browsers in your laptop at the same time. Limiting the number of concurrent sessions you're allowed to have will protect you from creating too many unaccounted sessions. Once you reach the maximum number of sessions, you'll be forced to clear your older sessions, thereby signing you out of all other sign-ins.

Besides enforcing these settings through security policies, you can also use the Account Activity subtab in a user's information screen to monitor and manage an individual user's active sessions.
To learn more about configuring session management, go through our Knowledge Base article on it.

We hope this was useful. Have any thoughts or questions about the new feature? Drop a comment, and we'll discuss.


    • Sticky Posts

    • Connect with Zoho users from your industry, virtually!

      A couple of years ago, we started setting up industry-wise channels for users with similar businesses to chat and discuss Zoho contextually. We started with Real Estate and E-commerce sectors, creating a chatroom and hosting regular meetups on niche areas

    • Feature update: Advanced security settings

      We've previously written about how using security policies could be beneficial for admins. To enable you to better protect your organization, we've come up with a few additional settings for security policies in Zoho One that can be used to regulate your users' web sessions. What are web sessions? A web session refers to the period of time you stay signed in to your Zoho One account. You create a new web session every time you sign in to Zoho One (or any of its included apps), and this session exists

      • Recent Topics

      • Zoho Projects - Pin Recent Projects

        Hi Projects Team, It would be great if I could "pin" projects on the Recent Projects list in Zoho Projects. We have some internal projects which we regularly have to add time and some regular client projects. It would be great if I could pin those projects

      • ZDK Error

        I get this error when trying to trigger a CRM Function from Client Script: Uncaught (in promise) ZDKError: {"code":"NOT_ACTIVE","details":{"api_name":"activate_client_from_prospect"},"message":"api is inactive for the given custom function","status":"error"}

      • "Disbursing product components in phases, monitoring them, and displaying only the final product."

        i have a product composed of multiple components, and these components will be delivered to the customer in batches. However, the final invoice should only show the finished product. How can I issue (or release) the components and track their delive

      • Followed Subtasks doesn't show up in the Subtasks Section

        I have a task assigned to me now in the same task, there's a subtask and I am added as the follower on that task Even though I am a follower I still don't see that in the subtasks section The view permission for the profile is Related It's supposed to

      • Tip #39- Strengthen account security with Multi-factor Authentication (MFA) – ‘Insider Insights’

        Securing your organization's data begins with verifying that only the correct individuals have access to it. One of the simplest yet most effective ways to accomplish this is to enable Multi-factor Authentication (MFA) within Zoho Assist. MFA introduces

      • Automate timeout chat tracking with Workflows in SalesIQ

        With our feature-packed Nova release, Workflows has become one of the most powerful tools in Zoho SalesIQ. They let you automate follow-up actions when key events occur, such as when a chat ends, a visitor leaves a bad/good rating, or a lead is updated.

      • Mass edit / Mass update products

        Hi, Is there any way to mass update or bulk edit product fields in Zoho Inventory?

      • Automatic Verification of IMAP Integration Status

        Our sales staff have their O365 email integrated with CRM, over time this integration requires re-authentication via the UI. I can manually check the integration status by accessing Settings -> Channels -> Email -> Email Sharing -> "Configuration Type"

      • Tip of the Week #68– Share and access files faster with Zoho WorkDrive extension.

        Have you ever wasted time searching for the right file to attach to your emails—or worried whether the right people could access it? Without proper sharing settings, files might end up inaccessible to teammates or, worse, visible to people who shouldn’t

      • CV-Library: The Newest Source Booster in Zoho Recruit!

        We’ve expanded your sourcing toolkit — CV-Library, one of the UK’s largest and most trusted online job boards, is now available as a Source Booster in Zoho Recruit. This gives recruiters instant access to millions of UK-based candidate profiles, all without

      • Zoho AI Translate Task as Rest API

        I cant find any docs on how to use Zoho AI Translate Task from a rest api call https://www.zoho.com/deluge/help/ai-tasks/translate.html I am working on a custom Widget and I dont think I can execute zoho deluge ai translate task from a custom widget.

      • Is there the possibility to book less than 250 customer portal users?

        If you use the Creator, which is included in Zoho ONe, you can create a customer portal and give access to a maximum of 3 external people / customers, right? On the Creator website I saw that you can add 250 users for 100€/month. However, we don't need

      • Display Parts custom fields in the Work Order

        Hello, I see that is it possible to add custom fields in the Parts module. Would it be possible to also add those custom fields in the Work Order Module under Parts? This would be very useful for customer who want to showcase more information about parts.

      • Unable to edit Saved Estimates

        We are facing issue with editing the price or discount for a saved estimate for nearly 1 week.

      • Translation Blueprint & Picklists with Custom Values

        Hello everyone, I downloaded the translation file and I'm not finding the blueprint transitions. Does this means that the transitions cannot be translated? Also, the picklist values to be translated in the document are not the same that are actually used the in module. For exemple, for my lead module, the picklist values for Lead Status are : Not-contacted, contacted, junk and lost lead. In the translation document (English to French), this is what I see: PicklistValues.Leads.Lead_Status.Contact

      • How to create a custom sales signal?

        I want to create a custom sales signal for a custom module. is it possible to create one? If anyone know please let me know

      • Multi-line address lines

        How can I enter and migrate the following 123 state street Suite 2 Into a contact address. For Salesforce imports, a CR between the information works. The ZOHO migration tool just ignores it. Plus, I can't seem to even enter it on the standard entry screen.

      • Only show products in offers based on lead source

        We work with several lead sources, each with their own products and different pricing. For example, one product might have two or three different prices. Sometimes, when creating a quote, the wrong product is accidentally selected. Is there a way to only

      • Narrative 7 - The importance of data sharing

        Behind the scenes of a successful ticketing system - BTS Series Narrative 7 - The importance of data sharing Definition Data sharing requires a commitment to preserving the integrity and dependability of shared data throughout its entire lifecycle. This

      • TrueSync regularly filling up my local disk

        Seems that WorkDrive's TrueSync randomly starts filling up my local hard drive space. None of the folders have been set as "Make Offline" but still it seems to randomly start making file offline. The settings of the app is so minimal and is of no real

      • How can you re-push non failed submission through the integrations again?

        Hi, I can see there is an option the 'Re-push' failed integration submissions from Zoho Forms. Is there a way to do this for all submissions? We've just re-built an integration so things go into different fields and we would like to re-push everything

      • Check out in Meetings

        Why there is no check out in Meetings of Zoho CRM, very difficult to track

      • Issue with Zoho Projet

        Zoho Project on all the cellphones of my customer is crashing. He has mixed brands (Samsung and Pixel). Everything is fine on website and mobile website. Could not reproduce the issue in workshop using Samsung/Pixel/iPhone Uninstallation of Zoho Project

      • SecurePass email English language issue -- please hire someone to correct the English language issues sprinkled throughout your interface

        I wrote previously about some incorrect English in your SecurePass offering. After about six months it was corrected. I have never revoked permission before today and just discovered another language mistake that was not corrected. When you revoke a SecurePass

      • Published Components

        @zoho team, Checking if we can add a password for the public links as we have non-licensed users

      • Zoho Creator customer portal users

        Hi, I'm in a Zoho One subscription with our company. I'm running a project now that involves creating a Zoho Creater application and using the Zoho Creator Customer Portal.  At most we need 25 customer portal users. In our Zoho One plan we only get 3

      • Please Enable Snippets for Agents Adding Comments

        Snippets and templates are currently enabled for agents when they use the reply functionality. There is currently no way to add a template or snippets when an agent comments. This is really weird. Our agents don't use the reply functionality, only the

      • Tip of the Week - Extracting Data from JSON Columns

        Let's say you are importing a CSV or Excel file into Zoho Analytics. What if the file contains a few columns in JSON format? This is where Zoho DataPrep, embedded right within Zoho Analytics, comes in handy. This week's tip explains how to extract data

      • Deluge UI Updates

        Are there any updates planned for the Deluge UI in Zoho Desk? It feels quite dated and lack-lustre after you've spent some time in the CRM Deluge UI.

      • Zia Agents - Follow Ups

        It would be nice to have Zia Agents do follow ups. A lot of times agents are trying to schedule things with users and they say "can we set your printer up tomorrow?" and the user never says anything. A way to have a personalized reminder to the user automatically

      • Hide Agents name in Ticket Responses in "My Area"

        We were able to hide the agents name in the emails, however, the customer is able to see which agent has responded to a ticket in the thread of emails by going into their Help Center thread. Is there any way we can hide that information?

      • Option to Automatically Update Extensions

        Hello Zoho Desk Team, We recently received an email notifying us about an extension update that must be done manually. We’d like to request a feature that allows extensions to be updated automatically without requiring manual intervention. This would

      • Copy / Duplicate Workflow

        I have workflows setup that are very similar to each other. We have a monitoring system watching servers, and all notifications - no matter what client it is about - will come from a  noreply@ address which is not very helpful in having it auto assigned to the right account. I have setup a workflow that will change the contact name of the ticket (currently it would say noreply@) to the correct customer which is based on the subject line, as that mentions which server the alert it is about. I need

      • Embed Report with Auto Height

        Hello Developers, When we embed report within Page, we are getting one awesome feature to adjust the report height. "Auto" and "Custom' height. This "Auto" option works well when we have no records. But I want to embed report based on some conditions

      • Zoho Payroll: Product Updates - August 2025

        This month’s updates to Zoho Payroll bring enhanced efficiency and smarter features, simplifying payroll management for users in India, UAE, KSA, and US. Read on to explore how these updates can streamline your workflow. Filter Pay Runs by Type (India,

      • Numerical Rating for Interviewer Assessments

        Introducing Numerical Rating, a powerful new addition to interviewer assessments that brings precision and flexibility to candidate evaluations. ✅ What is Numerical Rating? Numerical Rating lets interviewers assign a score for each question in the assessment,

      • Choosing a portal option and the "Unified customer portal"?

        I am trialling Zoho to replace various existing systems, one of which is a customer portal. Our portal allows clients to add and edit bookings, complete forms, manage their subscriptions and edit some CRM info. I am trying to understand how I might best

      • User Tips: Adding Multiple Products (Package) to a Quote v2.0 (with Client Script)

        This solution is an improvement on the original idea which used deluge. My solution was posted in the comments are: https://help.zoho.com/portal/en/community/topic/adding-multiple-products-package-to-a-quote The updated version uses client script instead

      • Are downloadable product available in Zoho Commerce

        Hi all. We're considering switching to Zoho Commerce for our shop, but we sell software and remote services. Is there a features for downloadable products? I can't find any information about this. Thank you very much Alice

      • Need Faster Help? Try Live Chat Support

        Hello there, We understand that sometimes, whether you’re facing an issue, exploring a feature, or need quick clarification, sending an email and waiting for a response just doesn’t cut it. You need answers, and you need them now. That’s exactly why we

      • Next Page