Hello everyone,
We are excited to announce three major security enhancements that are now available to portal users in Zoho CRM:
- Organization-wide multi-factor authentication for portal users - Admins can enforce multi-factor authentication across the entire portal to ensure consistent, enhanced security for all users.
- Individual MFA setup for portal users - Portal users can individually enable and manage MFA from their account settings when org-wide enforcement is not enabled.
- A Change Password option is available in the portal user account - Portal users now have a simpler way to manage their passwords, giving them more control and convenience.
Note. We currently support only the OTP authenticator mode.
Let's look at them in detail.
Organization-wide multi-factor authentication for portal users
CRM users who have the Manage Portal permissions can now enable MFA across the entire organization.
- When MFA is mandated, all the portal users will be required to authenticate using an MFA code during their next login.
- If a portal user is already logged in, they will not be interrupted. However, the next time they sign in, MFA will be required.
- When a user logs in for the first time after MFA is mandated for all portal users, they enter the TOTP from their authenticator and are then shown a screen where they can choose whether or not to trust this browser.
If they select trust this browser, they will not need to enter a TOTP during their next login (for 180 days).
- If a user loses access to their authenticator app (for example, if they lost their phone or deleted the app), the portal admin can reset MFA for their account.
- MFA can be reset by users with either the manage portals or the manage portals users permission.
Note. Portal users cannot disable MFA or delete their authenticator if org-wide MFA is mandated.
Individual MFA setup for portal users
If MFA is not mandated org-wide:
- Portal users can still enable MFA individually from their account settings.
- They can also manage or delete their MFA configuration on their own.
- This gives users the flexibility to add a layer of security even when it is optional.
Note. When MFA is enabled, the user will need to enter an OTP from their authenticator app during future logins.
Portal users now able to change passwords
Another update is a simpler way for portal users to manage their passwords.
Previously, users had to rely on the Forgot Password option during login to update their passwords. Now, a new Change Password option is available under the More option in the portal user account, which gives the user more control and convenience.
Editions: Portals-supported editions.
You can learn more about this in our help doc.