OTP Authenticator | MFA - Zoho Accounts

OTP Authenticators

OTP authenticators are mobile applications that you can use to set up multi-factor authentication (MFA) for your account. These applications generate one-time passwords (OTPs) that change every 'n' seconds. Once you set up MFA for your account with an OTP authenticator, you will need to enter the app-generated OTP whenever you sign in to your account.

Some of the prominent OTP authenticator apps are Authy, Microsoft Authenticator, and Google Authenticator.

Info: We also have our in-house authenticator app called Zoho OneAuth. In addition to general-purpose features, it also has Zoho-specific features such as push notification sign-in, QR code sign-in, and a highly robust passwordless sign-in feature. Learn how to set up OneAuth for your account

How to set up an OTP authenticator for MFA?

Once you have downloaded and installed the OTP authenticator on your mobile device, you can register your app with Zoho using two methods:
  1. Scanning a QR code
    The QR code will contain the secret to register the app and you will have to scan it using your app to register.
  2. Manually entering the secret
    You will have to manually enter the secret in your app to register.
Steps to register an OTP authenticator:
  1. Go to accounts.zoho.com.
  2. Click Multi-Factor Authentication in the left menu.
  3. Click Set up Now under OTP Authenticator. A QR code and secret will be shown.
  4. To register using QR code, use the authenticator app to scan the QR code displayed on the screen. To register manually, enter the secret displayed on the screen into your authenticator app. Once it is done, a different OTP will be generated on your app.
  5. Click Next.
  6. Enter the OTP generated on your app into the field in Accounts, then click Verify.
Info: Once you have configured an MFA mode for your account, make sure to generate backup verification codes. These codes will help you recover your account if you lose access to your mobile number and can't sign in.

How to set OTP authenticator as primary MFA mode?

If you have configured multiple MFA modes for your account, you can set one of them as your primary MFA mode. When you try to sign in, your primary mode will be the default mode for authentication.

To set OTP authenticator as the primary MFA mode:
  1. Sign in at accounts.zoho.com.
  2. Click Multi-Factor Authentication in the left menu.
  3. Click MAKE PRIMARY next to OTP authenticator.
  4. Click Confirm.

How to sign in using OTP authenticator?

If OTP authenticator is your primary MFA mode, follow the steps to sign in:
  1. Go to the Zoho sign-in page.
  2. Enter your email address, then click NEXT.
  3. Enter your password, then click SIGN IN.
  4. Open the authenticator app you used to set up the OTP.
  5. Navigate to the OTP tab on the authenticator app.
  6. Enter the OTP generated on your OTP authenticator, then click VERIFY.
            
(This is an example of what the OTP page looks like in the OneAuth Authenticator app. The page will be more or less similar in other authenticator apps.)
If you have set up multi-mode MFA with another MFA mode as your primary mode, see how to sign in using OTP authenticator.
Note: If you are using a mail client, you may have issues signing in to it once you enable MFA (in most cases, an "incorrect password" error will be shown). This is because your mail client doesn't support MFA. In that case, you can use application-specific passwords to bypass MFA and sign in to your mail client.

How to recover account if OTP authenticator app is not accessible?

If you can't sign in to your account due to issues with your OTP authenticator, then you can recover access to your account using your previously generated backup verification codes.
See how to use backup codes to recover your account. Once you get access, make sure to re-configure OTP authenticator or a different MFA mode.
If you haven't generated backup codes previously or have lost them:
  1. Contact our support team
    Contact our support team at support@zohoaccounts.com. We will gather some details from you to verify your identity.
  2. Use the one-time backup code to sign in
     After your identity is verified, you'll be given a backup verification code. Use this code to regain access to your account.
    1. Go to accounts.zoho.com.
    2. Enter your username and password (or use other sign-in options).
    3. When you are asked to verify using MFA, click Problem signing in? or Can’t access your device?.
    4. Select the option to enter the backup verification code.
    5. Enter the code provided to sign in.
    6. After signing in, you'll be shown a page from where you can generate and save a new set of backup codes. Make sure you save them securely so you can use them if you encounter this issue in the future.
  3. Reconfigure MFA
    Once you’ve got access to your account, you need to reconfigure MFA.
    1. Click Multi-factor authentication in the left menu of the account's home page.
    2. In the Multi-factor authentication section, reconfigure the OTP authenticator or configure other MFA modes such as OneAuth or Security key.

How to reconfigure OTP authenticator

  1. Go to accounts.zoho.com.
  2. Click Multi-Factor Authentication in the left menu.
  3. Click Change Configuration under OTP authenticator. A pop-up screen will appear.
  4. Follow the instructions shown on the screen to reconfigure the OTP authenticator and enter the OTP generated by the authenticator app to verify.