How to Manage two-factor authentication (2FA) in Zoom App

This post was most recently updated on July 28th, 2022

In addition to Zoom’s main sign-in process, two-factor authentication (2FA) entails a one-time code that users can obtain from a mobile application or a text message as a second step in signing in. The use of mobile devices for accessing the Zoom web portal, desktop client, mobile app, or Zoom Room adds an extra layer of protection for users, since they will need to sign in with their phone.

The administrators can enable 2FA for users and make them responsible for setting up and using it. Users can also reset a 2FA setup if they have lost access to the 2FA app if they are an admin.

Note: If two-factor authentication is disabled, Zoom detects unusual logins originating from a country or device that is different from normal when Zoom detects a user with a work email. The time-based one-time password is then sent to the user’s email address following the unusual login.

Prerequisites for two-factor authentication (2FA)

Enable 2FA

  • Ownership or administrative privileges of an account

Set up and use 2FA

  • The number should be able to receive SMSs; or
  • A 2FA app that utilizes the Time-based One-Time Password (TOTP) protocol on Android or iOS. Listed below are recommended apps.
    • The Google Authenticator app (Android, iOS)
    • Or the Microsoft Authenticator app (Android, iOS, Windows)
    • The FreeOTP app (Android, iOS)
  • You need Zoom 5.2.2 or higher for Windows, Mac, or Linux
  • The Zoom Rooms for Meeting Room app for Windows, MacOS, and Linux, version 5.2.1 and up
  • Will be available to users with a work email account (email and password)

How to enable 2FA (admin)

You can enable two-factor authentication in your account for all users, users belonging to certain groups, and users with certain roles.

  1. You will have to sign in as an administrator to the Zoom web portal.
  2. You will find the Security option under the Advanced menu.
  3. Besides logging in using two-factor authentication, you can also enable or disable it from the Security section.
  4. You may be prompted to confirm the change by clicking Enable or Disable if a dialog appears.
  5. If you are interested in making this setting mandatory for all users in your account, please click on the lock icon, confirm that the setting will be made mandatory with a click on Lock.
  6. To specify which users you want 2FA enabled for, select from these options:
    • All users in your account:
    • Make sure that 2FA is enabled for every user in the account.
    • Users with specific roles:
    • Set up 2FA for the following roles:
        1. Use the pencil icon.
        2. Pick your roles.
        3. Then click OK.
    • Users belonging to specific groups:
    • The user must enable 2FA if they belong to the specific group:
        1. Activate 2FA by clicking on the pencil icon
        2. Next to the groups you wish to select.
        3. Click on the “OK” button.
  7. Then click Save.
    Note: Your users can receive the instructions on how to set up 2FA via email.

How to reset 2FA for a user

If a user has lost access to their 2FA setup, you have the option to reset the 2FA setup. The reason could be that they lost their device, uninstalled 2FA from their device, or decided to remove Zoom from their 2FA app.

  1. Login to the Zoom web portal by entering your email address and password.
  2. Click on User Management, then Users in the navigation bar.
  3. Once you’ve located the user you’re looking for, click Edit next to their name.
  4. If you would like to reset the 2FA for a particular user, click the email address or name ID and go to their profile.
  5. Click Reset next to Two-factor Authentication, which can be found under Sign In.
    On the next sign in to Zoom, the user will be asked to set up their 2FA again through the Zoom web portal.

Reset two-factor authentication for select users

  1. The Zoom web portal can be accessed by logging in.
  2. Then select the Advanced tab, followed by the Security tab.
  3.  If you are asked to reset two-factor authentication for some users in your account, then click Reset two-factor authentication.
  4. Please enter the email address or username of the user you wish to reset in the Reset two-factor authentication dialog box.
    Note:
  5. If you select more than one user, their configuration will be reset as a whole.
  6. If you want to reset the security code, you will have to enter your password.
  7. To confirm that you want to reset the code, click Reset for ___ User(s).

How to set up 2FA (user)

When you sign in to the Zoom portal, you will be asked to set up two-factor authentication (2FA) if your Zoom admin has enabled it for you.

  1. Once your admin has enabled 2FA in the Zoom web portal, you will need to log in.
  2. Once you have selected an authentication method you will need to log in with the authentication app or SMS.
  3. Follow the steps below depending on which authentication method you selected:

Use two-factor authentication through the authentication app

  1. Your mobile device must be open in order to access the 2FA app.
  2. If you wish to scan a QR code, please tap on the option. The QR code icon will be under the camera icon.
  3. Use the Zoom web portal to scan the QR code.
    A 6-digit, one-time code will be generated by the app as part of the 2FA feature.
  4. Simply click the Next button.
  5. The 6-digit code should then be entered and the code should be verified.
    Click here to open Zoom. The recovery code can be used to sign in instead of the 6-digit code that you receive when you lose your mobile device.
    Note:
  6. The code cannot be verified. You can display the QR code again by clicking Back.
  7. To save the recovery codes, click either Download or Print. You can only use one recovery code per computer.
  8. Then click Done.

Use two-factor authentication through SMS

  1. For your phone number, you will need to choose a country code.
  2. Your 2FA codes will be sent to this number. Avoid using hyphens.
  3. Enter the code here.
    An individual one-time code will be sent to your number by Zoom.
  4. Click on the SMS.
  5. Using the Zoom web portal, paste the code that is in the SMS.
  6. Then click Verify.
    Several recovery codes will be displayed. Instead of your generated 6-digit code, you can use a recovery code if you lose your mobile device.
    Note:
  7. The code cannot be verified. Please click Back and try again.
  8. To save the recovery codes, click Download or Print. You can only use a recovery code once.
  9. Then click Done.

How to sign in using 2FA (user)

  1. Access Zoom from the web, on your desktop, on your mobile device, or in a Zoom Room.
    Click Send code if you are setting up 2FA with SMS.
    If you have a 2FA app, or have been sent a SMS code, Zoom will ask for that code.
  2. View the SMS from Zoom or open the 2FA app.
  3. The 6-digit code can be found in the SMS or in the 2FA app.
  4. To verify, click on it.

How to sign in using a 2FA recovery code (user)

Whenever you lose your 2FA codes (for example, if you misplaced it, uninstalled it, or removed Zoom from your 2FA app), you can log in using the recovery code you generated when you established 2FA.

Note:

If you wish to reset your 2FA setup, you can also contact your admin. It is a common occurrence that you will be prompted to set up 2FA each time you sign in to the Zoom web portal, desktop client, or mobile app.

  1. Log in to the Zoom web portal, the Zoom desktop client, or the Zoom Room via a mobile device such as a tablet.
  2. You can enter a recovery code by clicking on Enter a recovery code.
  3. If you have already obtained a recovery code during installation, enter that code. There is a limit of one recovery key per user.
  4. Please verify your account by clicking the Verify button.
  5. It is optional for you to add a new device to your existing 2FA setup if you lost access to your 2FA device.

How to edit your 2FA setup (user)

If you’ve already set up 2FA and want to remove a device, set up 2FA on another device, view recovery codes, or add another device, you can edit your existing setup afterwards.

  1. To access the Zoom website, you must first sign in.
  2. To do so, go to the navigation panel and click Profile.
  3. To set up two-factor authentication on a new device or to remove that which is already set up, simply go to the Two-factor Authentication section of Sign In.
  • App for Authentication
    • Set Up:
    • Set up two-factor authentication using an app that supports two-factor authentication. You will only see this option if you do not already have a 2FA setup that uses a 2FA app.
    • Change Device:
    • Use a supporting 2FA app to set up 2FA again. If you already have 2FA setup using an app, this option will not be available.
    • Remove Device:
    • If you already have 2FA setup using an app, you will need to remove it.
  • SMS
    • Set Up:
    • Verify your phone number by setting up 2FA via SMS. If you do not already use SMS for 2FA, this option will only appear.
    • Remove Phone:
    • Removing the current SMS-based 2FA configuration.
  • Recovery Codes:
  • See the list of recovery codes by clicking View Codes.