Security Enhancements | Migrate to the Updated Policies

Security Enhancements | Migrate to the Updated Policies

Hello everyone,

Zoho Directory's security policies have been updated and reorganized into three new policies with features that enhance the overall organization security. These policies provide a stronger and more secure sign-in methods and improve the user authentication experience.

Earlier, security policies comprised four dedicated components: Password Policy, Multi-Factor Authentication (MFA), Allowed IPs, and Advanced Settings. Based on these components, each group was assigned a policy that determined their sign-in process. Depending on their roles and responsibilities, the sign-in method varied and upon successful authentication, users were granted access to Zoho Directory.



With the latest update, the policies are divided into three parts: Conditional Access Policies, Routing Policies, and Security Policies.
  1. Routing Policies acts as an initial check when a user signs in. 
  2. Conditional Access Policies determines whether the user's access should be allowed or denied based on the predefined criteria.
  3. Security Policies provide you with a dedicated Password Policy and Session Settings.
Additionally, Custom Authentication has been renamed and is now a part of Routing Policies.

New Policies:



To understand how your existing policies are handled and mapped to the new policies during the migration process, click here.

Before migrating to the updated policies, quickly review how the policies are changed.

Existing Policies
Updated Policies
Password Policy
Security Policies

Password Policy is a part of Security Policy. Learn more.
Multi-Factor Authentication (MFA)
Conditional Access Policies

Multi-Factor Authentication (MFA) is a part of Conditional Access Policies.
MFA acts as an Action (Allow with MFA) under this policy. Learn more.

Allowed IPs
Conditional Access Policies

Allowed IPs is a part of Conditional Access Policies. It acts as a condition (IP address) under the policy.

Advanced Settings

1. WEB SESSION MANAGEMENT

2. LOCK PERIOD SETTINGS

1. Routing Policies

Session Lifetime and Idle Session Timeout are a part of Session Settings under Routing Policies.

2. Security Policies

Concurrent Sessions, and Lock Period Settings are a part of Advanced Settings under Security Policies.

Custom Authentication
Routing Policies

This section is renamed as Identity Providers and can be enabled via Routing Policy. Learn more.

How to Migrate?

Existing users with pre-configured policies will come across the Migration Page, which guides them through reviewing, resolving the conflicts and adopting the new policies. On this page, you will be required to complete the steps before migrating.

  1. Demo: Watch a quick demo to understand what’s changed and updated.
  2. Read the Changes: View a detailed document that outlines all the updates.
  3. New Admin Role: Configure the new admin role to replace the existing Helpdesk Admin role as it will no longer have permission to manage security operations.
    Note: This section is displayed only if at least one user is assigned to the Helpdesk Admin role.
  4. Custom Admin Role: Review the changes in the custom roles. 
    Note: This section is displayed only if a custom security role has been created and assigned to a user.
  5. Sandbox Mode: Preview the updated policies in sandbox mode before migrating
After completing these steps, you can proceed with migrating to the updated security policies.

FAQs

  1. What happens if I don't migrate? 
    You can continue using the existing security policies (old version) until you migrate to the updated policies.
  2. What will happen to my existing policies? 
    Your existing security policy configurations will be migrated to the new policy framework. To understand how your existing policy setup is mapped to the updated policies, click here.
  3. Who can perform this migration? 
    Only the Organization Owner or Organization Admin can perform the migration.
Regards,
The Zoho Directory Team.

    • Recent Topics

    • Employment Contract / HRMS Documents - Zoho People

      How do I create customized HR documents for disbursal from Zoho People ? Example, say offer letters ? appointment letters ? Memos ? We want to be able to preset these in one or ther other form and issue them to employees who are in Zoho People.

    • Live webinar: Craft and deliver impactful slides with Show’s desktop apps

      If you love the comfort of working on your desktop and want a setup that keeps you focused and uninterrupted, this session is made for you. We’re excited to invite you to our upcoming live webinar: "Craft and deliver impactful slides with Show's desktop

    • Enhancements to Bigin's forms

      Greetings, I hope all of you are doing well. We're happy to announce a few recent enhancements we've made to Bigin's forms. We'll go over each one in detail. Merge field support in auto-filled forms The auto-fill option in Bigin's forms lets you predefine

    • Table dimensions

      I try changing the dimensions of the table on my computer but it doesn't change. Do I have to be a premium member or does it only work on the app?

    • Direct link to Record Summary

      Hi everyone, In one of my reports, I have built a Record Summary template to display the details of one record. I would like to be able to link directly to this Record Summary once I submit a new record, without having to go to the list of records first and click on View. Is there a possibility to do so ?  Should I use the URL by passing some parameters ? Thank you very much for your help ! Guillaume

    • Amendment effective date

      Hi everyone, I noticed that the amendment effective date mentionned in my amendment is not right. Indeed, when a contract is amended several times, it states the previous amendment and their effective date. However, the effective date stated is always

    • Show both Vendor and Customers in contact statement

      Dear Sir, some companies like us working with companies as Vendor and Customers too !!! it mean we send invoice and also receive bill from them , so we need our all amount in one place , but in contact statement , is separate it as Vendor and Customer, 

    • STOCK history in zohosheets

      is it possible to get historical stock value using stock function in zoho sheets? i could not see from and to period in the helper document.

    • Auto sync Photo storage

      Hello I am new to Zoho Workdrive and was wondering if the is a way of automatically syncing photos on my Android phone to my workdrive as want to move away from Google? Thanks

    • Agent password reset

      Hi Zoho support, I would like to ask if there is a way the admin can reset a password of an agent? Regards

    • Can receive but not send messages in Zoho Mail

      Hello! I was able to configure my email client successfully in that I can receive messages just fine. However, when I send messages out, they seem to go out fine (I don't receive any errors or anything), but the recipient does NOT receive those messages.

    • Mail is sent twice!

      Been using Zoho for a while now. Installed Zoho for someone else and some weird things are happening. Mails are being sent twice. He is using Thunderbird as an email client. I already read about email being duplicated in the sent folder. But in my case

    • Can't login IMAP suddenly

      Since this evening I'm getting the error: You are yet to enable IMAP for your account. Please contact your administrator... IMAP always been enabled in my account and was workign fine for the past 7 years. Already tried turning IMAP off and on again.

    • Sending of username did not succeed: Mail server pop.zoho.com responded: User already specified

      I am having issues receiving emails from Zoho in Thunderbird. I am getting the above error. The first error tells me Authentication failed, and prompts me to enter in my password. Then I get the above error. I can receive emails when I log in online to

    • Bug tracking

      Hi, does anyone know how to track errors during picking or packing? This way I can keep track and see how to improve and prevent errors in this area.

    • Migration of corporate mail environment from Yandex 360 to Zoho mail

      I have to migrate a corporate mail environment with an existing domain from Yandex 360 to Zoho mail. It is vital to migrate all users with all the data. I have read the article on this topic using MacMister Email Backup Software just now and have some

    • I'm unable to send mail pthrough Zoho SMTP programmatically

      This has been working for years, but today it's been offline all day long. I see nothing anywhere on your site about this. I'm not the only one experiencing this. Downdetector has a spike of reports today

    • Can no longer send email via Django site

      This was working fine as of 11/7/25. Now I am unable to send user verification emails from a Django site on a AWS lightsail sever. When a user attempts to register the following error occurs. I have also attempted to send a test email via the shell and

    • unable to send email but able to receive email

      my email address is info@securityforceservices.ca

    • Login to server failing

      When trying to retrieve my mail, I am getting this error message -- Login to server pop.zoho.com with username (my email address) failed. It gives me the option to retry, enter password, or cancel. Then I get this message -- Sending of username did not

    • Configuration failed: 200 response not received for POST request.

      Hello, I am trying to set up a webhook to connect with an Salesforce but I receive the following error from Zoho: Configuration failed: 200 response not received for POST request I have tried testing it on webhook.site as well and receive the same error

    • Zoho Migration Assistant not working

      Hello, I am trying to use you Migration assistant to migrate emails from Rediff to Zoho. I am stuck in the first step. After downloading the migration tool, I copied the link to verify user credentials, however, after pasting the link in the browser,

    • Contacts Missing — PeopleSync/Zoho Mail

      English: In our company we use ManageEngine Mobile Device Manager (MDM), Free edition, to manage corporate mobile devices. Our usage policy does not allow personal Google accounts on these devices; therefore, Google account sync is blocked through MDM.

    • Best way to integrate Zoho with mobile app for managing customer requests with real-time notifications?

      Hello, I'm building a solution for a travel company where customers submit requests through a website, and the sales team manages these requests through a mobile app. The Requirement: Customers fill a form on the website (name, email, number of children,

    • Kaizen #57 - Mass Update API in Zoho CRM

      Hello everyone! Welcome back to yet another post in the Kaizen series. This week, we will discuss the Mass Update API in Zoho CRM. In this post, we will cover the following: 1. Introduction 2. Mass Update Records API  3. Schedule Update and Get Status

    • Getting Attachments in Zoho Desk via API

      Is there a way to get attachments into Zoho Desk via an API?      We have a process by which a zoho survey gets sent to the user as a link in a notification.    The survey has several upload fields where they can upload pdf documents.    I've created

    • Pincode based Product Restriction

      we have different types of products. 1) Very bulky items like plywood. 2) Too delicate items like glass These type of products we want to sell to local customers. Other products we want to supply all over India. There should be an option to restrict products

    • Related Lists filter

      I have Contacts showing in our Accounts module. I customized the Contacts module with an Employment Status field, with the following picklist options: "Primary Contact", "Secondary Contact", "Active Staff(not a main contact)", and "No longer employed".

    • Standalone custom function not generating logs

      Why dont't standalone custom functions generate logs when the're called from another function? I have some functions (workflow, buttons and blueprint) that have common parts, so I put that part in a standalone function which is called from the others.

    • Add "Reset MFA" Option for Zoho Creator Client Portal Users

      Hello Zoho Creator Team, We hope you are doing well. We would like to request an important enhancement related to Multi-Factor Authentication (MFA) for client portal users in Zoho Creator. Currently, Creator allows us to enforce MFA for portal users,

    • Urgent Security Feature Request – Add MFA to Zoho Projects Client Portal Hello Zoho Projects Team,

      Hello Zoho Projects Team, We hope you are doing well. We would like to submit an urgent security enhancement request regarding the Zoho Projects Client Portal. At this time, as far as we are aware, there is no Multi-Factor Authentication (MFA) available

    • Creator HTML page refresh

      Hi, I have added around 5 different html snippets in single creator page. I understand, I can refresh the entire page from page script using Navigational URLs https://help.zoho.com/portal/en/kb/creator/developer-guide/others/url-patterns/articles/navigational-urls

    • Zoho Desk - Custom Module Related List Columns on Tickets

      I have a custom module in Zoho Desk called Asana Tasks, each task has a lookup to a Ticket. On the Ticket I want to see the columns of the Asana Tasks in the related list . Is there a way to do this? Right now it just has the name of the record and I

    • What is your opinion of the new UI?

      Hi Everyone, I would like to see what everyone thinks of the new Zoho One Dashboard. I don't get it, but perhaps I'm missing something. What are your thoughts?

    • What are the OAuth scopes needed to access the Zoho MCP server?

      I think I'm authenticating with the MCP server endpoint successfully using a bearer token but I can't successfully initialize an MCP session. I'm using the official MCP Python sdk (https://github.com/modelcontextprotocol/python-sdk). I get as far as here

    • "Temporary Error" in Zoho CRM Data Source sync

      I edited my setup for the Zoho CRM to Zoho Analytics Data Source Import configuration to add some new fields. After I saved the changes, I clicked the (Sync Now) link. After a few minutes I got a Sync failure error. The only reason given is "A temporary

    • Account blocked for IMAP use

      Hello, My email client (Evolution) can't sync mail anymore. It gives the error: "Your account is temporarily blocked for IMAP use. This may happen if you exceed the maximum number of simultaneous IMAP connections allowed. Kindly try again after some time."

    • Is SMTP included in the free plan?

      My client has a Zoho Mail Free 14 day trial that ends tomorrow. She has set up a domain email address with SMTP on a third party app and is wondering if it will continue working once her plan downgrades to the free forever plan. Thanks

    • Zoho mail issue.

      I have verified my domain ohhoexpress.online by adding necessary TXT and MX records. But when I am sending email to any external email id, it is showing as zohomail.com. Also while I am sending mail to internal mail id, it is saying user not found whereas

    • My email is blocked from sending

      I get this message when I try to send any message .. > Unable to send message, Reason 554 5.1.8 Email Outgoing Blocked We have urgent emails to send and the issue continues to persist from yesterday. Please help us with this issue as soon as possibl

    • Next Page