How to Set Up 2-Step Authentication for Zoho Mail

Image from page 23 of "MNB : ninety odd years of banking 1825-1916" (1900). Internet Archive Book Images

Your email account can be the weakest link in how secure your life and information are online: it lets anybody who has access to it reset passwords and even lock you out.

With Zoho Mail, you can make that a lot harder to do and less likely with 2-factor authentication. That means the correct password alone is not enough to log in. It also requires access to a device you carry with you at all times: your mobile phone (or, of course, any phone).

The additional security need not restrict your comfort accessing Zoho Mail too much either. It is possible to save browsers to a list of applications that do not require you to sign in with 2-step authentication every time, and you can create passwords that work with email applications so they can log in to Zoho Mail using IMAP or via POP.

Set Up 2-Step Authentication for Zoho Mail

To secure your Zoho Mail account with two-factor authentication:

  • Position the mouse cursor over your picture or avatar near Zoho Mail’s top right corner.
  • Click My Account on the sheet that appears.
  • Make sure you are on the Home tab.
  • Follow the To Factor Authentication link.
  • If you have Google Authenticator or a similar 2-factor authentication app installed:
    • Make sure Google Authenticator is selected under MODE.
    • Click Next.
    • Open the 2-step authentication app (such as Google Authenticator) on your phone or device.
    • Tap + | Scan barcode or whatever your app requires you to do to add a new account using a QR code.
    • Scan the QR code that has appeared on the Zoho Mail site.
    • Verify a Zoho account has been added to your 2-step authentication app.
    • Click Next on the Zoho Mail website.
    • Type the code generated for the Zoho account in the authentication app under Verification code :.
  • If you prefer receiving a code via SMS or automated voice call on your phone:
    • Make sure SMS Text Message / Voice Call is selected under MODE.
    • Click Next.
    • Make sure your phone’s country and code are selected under Phone Number :.
    • Type the rest of your phone number (sans country code) over Enter Phone Number.
    • To receive the authentication code by SMS message:
      • Make sure SMS Text Messageis selected under Send code by :.
    • To receive an automated phone call reading the authentication code to you:
      • Make sure Voice Call is selected under Send code by :.
      • Click Call me.
    • Enter the code read to you or received via SMS text message under Verification code :.
  • To put the browser you are using to set up 2-factor authentication on a list of applications that do not require you to log in via 2-step authentication (for easier access but, of course, somewhat compromised security):
    • Make sure the checkbox under Trusted Browsers : is checked.
  • Click Verify.
  • Type your Zoho Mail password under Current Password : for Enter Password to enable Two Factor Authentication.
  • Click Turn on.
  • Now click Continue under Your Two Factor Authentication setup is almost complete !.
  • To add a backup phone number:
    • Select your phone number’s country code under Phone Number : for Add Backup Phone Number.
    • Type your phone number (not including the country code) over Enter Phone Number.
    • Choose between SMS Text Message and Voice Call under Send code by :.
    • Click Send code.
    • Type the code you received via SMS message or automated phone call under Verification code :.
    • Enter your Zoho Mail password under Current Password :.
    • Click Verify.
    • (To continue without adding a back-up phone number where you can receive authentication codes, follow the Skip adding backup phone link.)
  • To save the ready-made backup codes so you can log in to your Zoho Mail account even without access to your phone:
    • Ideally, click Print codes to create a print copy of the back-up codes. Store them in a secure location.
    • You can also click Save as text to save a text file copy of the back-up codes or click Send Email to send them by email to an address you choose.
    • Click Continue.
  • Click Continue under Application Passwords.

(Updated March 2015)