Secure your Zoho account

In addition to securing your Zoho account via passwords and multi-factor authentication, there is a slew of measures you can follow to ramp up your account security.

Security Question

By adding a security question, you can regain access to your Zoho account if you lose your account password. 

You can only set up one security question for your Zoho account.

To set up a security question for your Zoho account:

1. Sign in to your Zoho account.
   
2. Click Security Question under Security.
   
3. Click Add a security question.
   
4. You can either choose a question from the dropdown, or create your own question.
   
5. Fill in the answer, the click Next.
   
6. Enter your account password, then click Next.
   

Because the security question is used to regain access to your account you must ensure that you are the only person who knows the answer to the question.

Allowed IP address

The Allowed IP address is an IP address or a range of IP addresses you can set up for your Zoho account to restrict account access. Once configured, you will not be able to sign in to your account via a different IP address. 

To set up an allowed IP address for your Zoho account:

1. Sign in to your Zoho account.
   
2. Click Allowed IP Address under Security.
   
3. Click Add Allowed IP Address.
   
4. You can either select your current IP address, or manually enter the IP address that is allowed to access your Zoho account. You can also choose a range of IP addresses as allowed IP addresses.
   
5. Click Next.
   
6. Optionally, you name the IP address, then click Add.
   

Make sure that the IP address you provide is a static IP address. The dynamic IP addresses change and you might get locked out of your account.

To disable IP restriction for your Zoho account: 

1. Sign in to your Zoho account via the IP address you have configured. 
   
2. Click Allowed IP address under Security.
   
3. Click the IP address you want to remove, then click Delete. 
   

Application-Specific Passwords 

Application-specific passwords are 12-character passcodes that give an app permission to access your Zoho Mail from various email clients (such as Microsoft Outlook, Mozilla Thunderbird, etc.), Jabber clients, and standalone applications.

If you have enabled multi-factor authentication (MFA):

1. You cannot use your Zoho account password directly to access POP/IMAP email clients.
   
2. You must use an application-specific password to access those applications. This is because even if the email client is compromised, you can still protect your Zoho account by revoking the application-specific password you generated for the email client.
   

We recommend using application-specific passwords for your email clients even if you haven't enabled MFA for your Zoho account.

To generate an application-specific password for your Zoho account:

1. Sign in to your Zoho account.
   
2. Click Application Specific Passwords under Security.
   
3. Click Generate New Password.
   
4. Enter a name for the application you want to create a password for, then click Generate.
   
5. Make a note of the generated password, as for security purposes it will not be displayed again.
   

Device Sign-ins 

Device Sign-ins provides you a list of devices you have used to sign in your Zoho account. Each device in the list will provide you information, such as the name of the browsers you've signed in and the time of the account sign in.

To remove a browser session from your device:

1. Sign in to your Zoho account.
   
2. Click Device Sign-ins under Security.
   
3. Click the device you want to view.
   
4. Click  of the browser you wanted to remove.
   

• Related Articles

• Secure your CRM Account

  When you're handling important information like customer data, company's annual revenue, stakeholder's details and the like you must take preventive measures to secure your accounts from unauthorized access. To ensure this Zoho Accounts lets you ...

• How secure is Zoho Meeting?

  Zoho Meeting is a secure space for hosting online meetings and confidential discussions. All transmissions are sent through SSL/128-bit AES encryption protocols, which is the industry standard security practice. This is the same standard used in ...

• Managing Zoho Account Settings

  In Zoho Accounts, the mandatory fields under the Personal information section are set to default as soon as you register with any Zoho service. After logging in, you can change the information according to your preference. When you change certain ...

• Creating a Zoho Vault Account

  The sign-up process slightly varies for existing and new customers of Zoho. New user of Zoho  Existing user of Zoho If you’re new to Zoho: Sign up with Zoho Vault to create a new Zoho account. Provide your organization's name to sign up for an ...

• Account

  Quick Links How do I renew my subscription? How do I delete my Zoho account? I noticed that my subscription has been auto-renewed. However, I don't need it this month. Is it possible to cancel and get a refund? How do I downgrade my plan? I created a ...