Hello Zoho Desk Team,
We hope you are doing well.
We would like to request an enhancement related to security for the Zoho Desk Help Center (customer portal). Currently, the Help Center supports MFA for portal users via SAML, JWT, SMS authentication, and Federated login, and also includes an AI-powered CAPTCHA, which is appreciated.
However, we are missing a very important MFA option:
Time-based One-Time Password (TOTP) authentication using an Authenticator app such as Google Authenticator, Microsoft Authenticator, Zoho OneAuth, etc.
Many of our customers prefer not to user phone numbers for SMS verification, and some find SMS-based MFA unreliable due to delivery delays or restricted SMS service in certain regions.
✅ More secure – Not vulnerable to SIM swapping attacks
✅ More reliable – Works even without mobile network coverage
✅ More privacy-friendly – Does not require phone numbers
✅ Industry standard – Widely adopted for secure customer portals
Additionally, this functionality already exists in other Zoho products, such as the Zoho Creator Client Portal, where users can enable MFA via authenticator apps. We would love to see the same security flexibility in Zoho Desk Help Center.
Please add an option to enable TOTP-based MFA for Help Center users (customers) using an authenticator app as part of the login process.
This will significantly improve the security of our customer portal while keeping the login experience user-friendly and modern.
Thank you for considering this request and for continuously improving Zoho Desk.
Kind regards,
Ram