Now that it’s established that video conferencing has become a part of your daily routine, you should start protecting your Zoom identity like you would protect any of your other online accounts. Fortunately, Zoom has started rolling out its own Two-Factor Authentication system for all of its users who utilize the company’s video collaboration tool.
In this post, we’re going to help you know understand what Zoom 2FA is, why you should use it, where it works, and how you can start using it to secure your Zoom account.
What is Zoom Two-Factor Authentication (2FA)?
Zoom has enabled an easy way to let users and organizations protect their accounts on Zoom from security breaches by adding an extra layer of security. With 2FA, Zoom will identify users by requesting more pieces of credentials from them to correctly authenticate that they’re the ones that own the particular Zoom account.
Like any other service with 2FA support, once enabled on Zoom, 2FA will require you to enter a One-Time Password (OTP) from any of the selected options – a mobile app, text message, or phone call.
Why should you use Two-Factor Authentication on Zoom?
Two-Factor Authentication on Zoom is beneficial for users in a lot of ways. If you’re not sure why you should use it, consider the following points before moving on to setting it up for your Zoom account.
- Adding an extra layer of security prevents attackers from gaining access to your account
- Zoom 2FA makes sure that even by guessing your password, it won’t let anybody login on your behalf
- Prevents identity theft
- With 2FA enabled, organizations can comply with obligations for sending and sharing sensitive data with others
- Can avoid depending on Zoom SSO Login which can be an expensive affair for small businesses and educational institutions
- An extra layer of security makes sure you don’t have to change passwords to your Zoom account every now and then
Who can use it and where?
The new Two-Factor Authentication can be used by all Zoom users – Free and Paid. The feature is also available wherever Zoom can be accessed from. This means, you can enable Zoom’s 2FA security when using Zoom’s desktop client on Mac and Windows; Zoom’s web portal; Zoom’s mobile app on both Android and iOS; and Zoom Rooms for Conference Room.
What do you need
Before you proceed to set up Two-Factor Authentication on Zoom, you need to consider the following things:
- Make sure you’re using a personal Zoom account or you’re the admin of your organization’s Zoom account
- You need a phone number that is enabled with SMS
- Ensure that you’re running Zoom on the web, Mac, Windows, Android, iOS or are using Zoom Rooms
- Optional: You can use Zoom 2FA if you have any on of these three Authenticator apps – Google Authenticator, Microsoft Authenticator, or FreeOTP
How to set up Two-Factor Authentication on Zoom
Now that you have come to know the things you need to set up Two-Factor Authentication on Zoom, it’s time to actually get started with the setting up process. To enable Zoom 2FA, you need to figure out which type of account you own – an organization or a personal account.
As an account admin
If you’re the account administrator of an organization, you can enable Zoom’s new 2FA system by heading over to Zoom’s web portal and signing in with your credentials. After you sign in to Zoom, go to Advanced > Security and toggle ON the ‘Sign in with Two-Factor Authentication’ switch.
When you enable the Zoom 2FA switch, you will be able to see a bunch of options that would help you tweak the new authentication controls the way you deem them fit for your organization.
First, you need to select any one of the options listed below to decide where Zoom’s 2FA is applicable.
- All users in your account: This will enable Two-Factor Authentication for all users in your Zoom account.
- Users with specific roles: This will turn ON Two-Factor Authentication for those users for whom you have specified a role.
- Users belonging to specific groups: This should give Two-Factor Authentication support for all users inside a specified group.
The next step is where you decide how you want to authenticate your logging in session on Zoom. For admins of an organization, you can select between these two options:
- Authentication app: Check this box if you wish to use any of your Authenticator apps to log in on Zoom.
- Text message: Select this if you wish to login using an OTP that’s sent to your phone number.
As a user
If you have a personal account or an account under an organization that has already enabled 2FA for you, you can set it up by going to Zoom’s web portal and signing in with your username and password. Go to your Profile page, scroll down and click on the ‘Turn On’ option inside the ‘Two-factor Authentication’ section.
You will be asked to enter your Zoom password and after you have done that, click on the ‘Next’ button below.
After you enter the password, you will now be required to set up either an Authentication app or SMS as your authentication method.
Enabling 2FA using an Authentication app
To set up Zoom 2FA using an Authentication App, click on the ‘Set Up’ option adjacent to it and then open the 2FA app on your smartphone.
Look for a way to scan a QR code and then tap on it; after that point your phone’s camera with the QR scanner mode ON and scan the QR code on the Zoom web portal.
This will generate a 6-digit OTP (One-Time Password) that needs to be entered on your Zoom profile screen on your computer. After you have entered the 6-digit code, click on ‘Verify’ and you will now be greeted with a list of recovery codes.
Note down these codes as these are the code that can let you use your Zoom account even if you lose your smartphone. You can store these recovery codes by clicking on the ‘Download’ or ‘Print’ options. After you’re done jotting down your recovery codes, click on ‘Done’.
You have now successfully enabled Zoom’s 2FA using an Authentication app on your phone.
Enabling 2FA using SMS
To set up Zoom 2FA using SMS, click on the ‘Set Up’ option adjacent to it. In the next screen, enter your phone number and country code where you want to receive 2FA codes and then click on the ‘Send code’ button. Zoom will now send a One-Time Password (OTP) to your number which you will need to paste it on the Zoom web portal, and then click on ‘Verify’.
You will now be shown a list of recovery codes that will let you use your Zoom account even if you lose your smartphone. Download or print these codes and store them safely and click on ‘Done’.
How to use Two-Factor Authentication
Now that you have set up Zoom’s 2FA feature, you can now proceed to use it to sign in to the video conferencing service.
Use Zoom 2FA to sign in normally
Unlike while setting up, you can use Zoom 2FA to sign in on any of your devices including the web, desktop clients, mobile apps, and Zoom Room.
Head over to Zoom’s web portal or the device you use Zoom with and sign in. After you enter your account password, you will be asked to enter the code generated from your 2FA app or the one sent to your phone number via SMS.
Open your Messages app or Authentication app to view and copy the code and paste it on the Zoom screen. Click or tap on the ‘Verify’ button to complete your sign-in process.
Signing in using a recovery code
If you no longer have access to the phone in which you used the Authentication app or SMS, you can still sign in to Zoom using the recovery code you were given when you first set up 2FA on Zoom. If you have these recovery codes with you, you can easily sign-in on Zoom by opening the Zoom app on the web portal and tapping on the ‘Enter a Recover Code instead’ option when signing in.
In the next screen, enter one of the recovery codes that you obtained earlier and click/tap on the ‘Verify’ button.
Edit your existing Two-Factor Authentication
At any point after setting up Zoom’s Two-Factor Authentication, you can edit your 2FA setup. You can remove an already-enabled authentication app or phone number, add new ones, and also view your recovery codes.
You can edit your Zoom 2FA system by signing in to Zoom’s web portal and going to Profile > Two-factor Authentication. Here, you will get a bunch of options – Change Device and Remove Device under ‘Authentication App’; and Remove Phone Inder ‘SMS’.