Security Enhancements | Migrate to the Updated Policies

Security Enhancements | Migrate to the Updated Policies

Hello everyone,

Zoho Directory's security policies have been updated and reorganized into three new policies with features that enhance the overall organization security. These policies provide a stronger and more secure sign-in methods and improve the user authentication experience.

Earlier, security policies comprised four dedicated components: Password Policy, Multi-Factor Authentication (MFA), Allowed IPs, and Advanced Settings. Based on these components, each group was assigned a policy that determined their sign-in process. Depending on their roles and responsibilities, the sign-in method varied and upon successful authentication, users were granted access to Zoho Directory.



With the latest update, the policies are divided into three parts: Conditional Access Policies, Routing Policies, and Security Policies.
  1. Routing Policies acts as an initial check when a user signs in. 
  2. Conditional Access Policies determines whether the user's access should be allowed or denied based on the predefined criteria.
  3. Security Policies provide you with a dedicated Password Policy and Session Settings.
Additionally, Custom Authentication has been renamed and is now a part of Routing Policies.

New Policies:



To understand how your existing policies are handled and mapped to the new policies during the migration process, click here.

Before migrating to the updated policies, quickly review how the policies are changed.

Existing Policies
Updated Policies
Password Policy
Security Policies

Password Policy is a part of Security Policy. Learn more.
Multi-Factor Authentication (MFA)
Conditional Access Policies

Multi-Factor Authentication (MFA) is a part of Conditional Access Policies.
MFA acts as an Action (Allow with MFA) under this policy. Learn more.

Allowed IPs
Conditional Access Policies

Allowed IPs is a part of Conditional Access Policies. It acts as a condition (IP address) under the policy.

Advanced Settings

1. WEB SESSION MANAGEMENT

2. LOCK PERIOD SETTINGS

1. Routing Policies

Session Lifetime and Idle Session Timeout are a part of Session Settings under Routing Policies.

2. Security Policies

Concurrent Sessions, and Lock Period Settings are a part of Advanced Settings under Security Policies.

Custom Authentication
Routing Policies

This section is renamed as Identity Providers and can be enabled via Routing Policy. Learn more.

How to Migrate?

Existing users with pre-configured policies will come across the Migration Page, which guides them through reviewing, resolving the conflicts and adopting the new policies. On this page, you will be required to complete the steps before migrating.

  1. Demo: Watch a quick demo to understand what’s changed and updated.
  2. Read the Changes: View a detailed document that outlines all the updates.
  3. New Admin Role: Configure the new admin role to replace the existing Helpdesk Admin role as it will no longer have permission to manage security operations.
    Note: This section is displayed only if at least one user is assigned to the Helpdesk Admin role.
  4. Custom Admin Role: Review the changes in the custom roles. 
    Note: This section is displayed only if a custom security role has been created and assigned to a user.
  5. Sandbox Mode: Preview the updated policies in sandbox mode before migrating
After completing these steps, you can proceed with migrating to the updated security policies.

FAQs

  1. What happens if I don't migrate? 
    You can continue using the existing security policies (old version) until you migrate to the updated policies.
  2. What will happen to my existing policies? 
    Your existing security policy configurations will be migrated to the new policy framework. To understand how your existing policy setup is mapped to the updated policies, click here.
  3. Who can perform this migration? 
    Only the Organization Owner or Organization Admin can perform the migration.
Regards,
The Zoho Directory Team.

    • Recent Topics

    • Auto sync Photo storage

      Hello I am new to Zoho Workdrive and was wondering if the is a way of automatically syncing photos on my Android phone to my workdrive as want to move away from Google? Thanks

    • Agent password reset

      Hi Zoho support, I would like to ask if there is a way the admin can reset a password of an agent? Regards

    • Can receive but not send messages in Zoho Mail

      Hello! I was able to configure my email client successfully in that I can receive messages just fine. However, when I send messages out, they seem to go out fine (I don't receive any errors or anything), but the recipient does NOT receive those messages.

    • Mail is sent twice!

      Been using Zoho for a while now. Installed Zoho for someone else and some weird things are happening. Mails are being sent twice. He is using Thunderbird as an email client. I already read about email being duplicated in the sent folder. But in my case

    • Can't login IMAP suddenly

      Since this evening I'm getting the error: You are yet to enable IMAP for your account. Please contact your administrator... IMAP always been enabled in my account and was workign fine for the past 7 years. Already tried turning IMAP off and on again.

    • Sending of username did not succeed: Mail server pop.zoho.com responded: User already specified

      I am having issues receiving emails from Zoho in Thunderbird. I am getting the above error. The first error tells me Authentication failed, and prompts me to enter in my password. Then I get the above error. I can receive emails when I log in online to

    • Bug tracking

      Hi, does anyone know how to track errors during picking or packing? This way I can keep track and see how to improve and prevent errors in this area.

    • Migration of corporate mail environment from Yandex 360 to Zoho mail

      I have to migrate a corporate mail environment with an existing domain from Yandex 360 to Zoho mail. It is vital to migrate all users with all the data. I have read the article on this topic using MacMister Email Backup Software just now and have some

    • I'm unable to send mail pthrough Zoho SMTP programmatically

      This has been working for years, but today it's been offline all day long. I see nothing anywhere on your site about this. I'm not the only one experiencing this. Downdetector has a spike of reports today

    • Can no longer send email via Django site

      This was working fine as of 11/7/25. Now I am unable to send user verification emails from a Django site on a AWS lightsail sever. When a user attempts to register the following error occurs. I have also attempted to send a test email via the shell and

    • unable to send email but able to receive email

      my email address is info@securityforceservices.ca

    • Login to server failing

      When trying to retrieve my mail, I am getting this error message -- Login to server pop.zoho.com with username (my email address) failed. It gives me the option to retry, enter password, or cancel. Then I get this message -- Sending of username did not

    • Configuration failed: 200 response not received for POST request.

      Hello, I am trying to set up a webhook to connect with an Salesforce but I receive the following error from Zoho: Configuration failed: 200 response not received for POST request I have tried testing it on webhook.site as well and receive the same error

    • Zoho Migration Assistant not working

      Hello, I am trying to use you Migration assistant to migrate emails from Rediff to Zoho. I am stuck in the first step. After downloading the migration tool, I copied the link to verify user credentials, however, after pasting the link in the browser,

    • Contacts Missing — PeopleSync/Zoho Mail

      English: In our company we use ManageEngine Mobile Device Manager (MDM), Free edition, to manage corporate mobile devices. Our usage policy does not allow personal Google accounts on these devices; therefore, Google account sync is blocked through MDM.

    • Best way to integrate Zoho with mobile app for managing customer requests with real-time notifications?

      Hello, I'm building a solution for a travel company where customers submit requests through a website, and the sales team manages these requests through a mobile app. The Requirement: Customers fill a form on the website (name, email, number of children,

    • Kaizen #57 - Mass Update API in Zoho CRM

      Hello everyone! Welcome back to yet another post in the Kaizen series. This week, we will discuss the Mass Update API in Zoho CRM. In this post, we will cover the following: 1. Introduction 2. Mass Update Records API  3. Schedule Update and Get Status

    • Getting Attachments in Zoho Desk via API

      Is there a way to get attachments into Zoho Desk via an API?      We have a process by which a zoho survey gets sent to the user as a link in a notification.    The survey has several upload fields where they can upload pdf documents.    I've created

    • Pincode based Product Restriction

      we have different types of products. 1) Very bulky items like plywood. 2) Too delicate items like glass These type of products we want to sell to local customers. Other products we want to supply all over India. There should be an option to restrict products

    • Related Lists filter

      I have Contacts showing in our Accounts module. I customized the Contacts module with an Employment Status field, with the following picklist options: "Primary Contact", "Secondary Contact", "Active Staff(not a main contact)", and "No longer employed".

    • Standalone custom function not generating logs

      Why dont't standalone custom functions generate logs when the're called from another function? I have some functions (workflow, buttons and blueprint) that have common parts, so I put that part in a standalone function which is called from the others.

    • Add "Reset MFA" Option for Zoho Creator Client Portal Users

      Hello Zoho Creator Team, We hope you are doing well. We would like to request an important enhancement related to Multi-Factor Authentication (MFA) for client portal users in Zoho Creator. Currently, Creator allows us to enforce MFA for portal users,

    • Urgent Security Feature Request – Add MFA to Zoho Projects Client Portal Hello Zoho Projects Team,

      Hello Zoho Projects Team, We hope you are doing well. We would like to submit an urgent security enhancement request regarding the Zoho Projects Client Portal. At this time, as far as we are aware, there is no Multi-Factor Authentication (MFA) available

    • Creator HTML page refresh

      Hi, I have added around 5 different html snippets in single creator page. I understand, I can refresh the entire page from page script using Navigational URLs https://help.zoho.com/portal/en/kb/creator/developer-guide/others/url-patterns/articles/navigational-urls

    • Zoho Desk - Custom Module Related List Columns on Tickets

      I have a custom module in Zoho Desk called Asana Tasks, each task has a lookup to a Ticket. On the Ticket I want to see the columns of the Asana Tasks in the related list . Is there a way to do this? Right now it just has the name of the record and I

    • What is your opinion of the new UI?

      Hi Everyone, I would like to see what everyone thinks of the new Zoho One Dashboard. I don't get it, but perhaps I'm missing something. What are your thoughts?

    • What are the OAuth scopes needed to access the Zoho MCP server?

      I think I'm authenticating with the MCP server endpoint successfully using a bearer token but I can't successfully initialize an MCP session. I'm using the official MCP Python sdk (https://github.com/modelcontextprotocol/python-sdk). I get as far as here

    • "Temporary Error" in Zoho CRM Data Source sync

      I edited my setup for the Zoho CRM to Zoho Analytics Data Source Import configuration to add some new fields. After I saved the changes, I clicked the (Sync Now) link. After a few minutes I got a Sync failure error. The only reason given is "A temporary

    • Account blocked for IMAP use

      Hello, My email client (Evolution) can't sync mail anymore. It gives the error: "Your account is temporarily blocked for IMAP use. This may happen if you exceed the maximum number of simultaneous IMAP connections allowed. Kindly try again after some time."

    • Is SMTP included in the free plan?

      My client has a Zoho Mail Free 14 day trial that ends tomorrow. She has set up a domain email address with SMTP on a third party app and is wondering if it will continue working once her plan downgrades to the free forever plan. Thanks

    • Zoho mail issue.

      I have verified my domain ohhoexpress.online by adding necessary TXT and MX records. But when I am sending email to any external email id, it is showing as zohomail.com. Also while I am sending mail to internal mail id, it is saying user not found whereas

    • My email is blocked from sending

      I get this message when I try to send any message .. > Unable to send message, Reason 554 5.1.8 Email Outgoing Blocked We have urgent emails to send and the issue continues to persist from yesterday. Please help us with this issue as soon as possibl

    • [WEBINAR] Smooth year-end closure with Zoho Books (KENYA)

      Hello there, This webinar is for all Kenyan businesses looking to wrap up their financial year smoothly! Join our free session to learn how Zoho Books can simplify your year-end process. What to expect from this webinar: - All the latest updates in Zoho

    • cannot recieve or send emails

      we are not recieving or cannot send emails.Shows sysytem error

    • Zoho Sites - contact us form

      I have added a contact us form to my website. I wanted to change the layout so I deleted the section of Contact Us form. When I again try to add the section of Contact Us form, it shows error that "This form already exists on this page."  I am unable

    • switching from POP3 to IMAPI do I need to change settings in Web email?

      hi so I am using Outlook with My Zoho mail, also have Verizon email /AOL. they no longer support POP3 and said imapi is much better, so I want to switch my ZoHo to imapai. I googled and it said i need to change it in my account....i looked at my account

    • What functionality is new in the Z025 Spaces UI dashboard compared to the previous Zoho One dashboard?

      My company is interested in creating a revamped dashboard this coming year, and are trying to weigh different platform options. The new Spaces UI is said to be a more "feature-rich" dashboard experience than the previous. Could a developer please explain

    • Collections Management: #5 Convenience on Offer, using Self-Checkout

      "Is this the right page? Oh, now, it wants my address again. Why am I being redirected?" These were the exact thoughts running through Karan's mind as he tried to subscribe to an application he genuinely liked. He clicked "Buy Now", expecting a quick

    • Tip #50- A Closer Look at the Unattended Access Dashboard- 'Insider Insights'

      Having complete visibility and quick access to everything you need certainly makes managing multiple remote devices a lot easier, and that is precisely what the Unattended Access Dashboard in Zoho Assist is designed to offer. Once you go to the Unattended

    • How to update custom multi-user field in Zoho Projects?

      I'm trying to update custom multi-user fields in Zoho Projects via a Deluge function in CRM. The code I have so far is below. It works for updating standard project fields and single-line custom fields, but it does not work to update multi-user fields.

    • Next Page