Security Question
By adding a security question, you can regain access to your Zoho account if you lose your account password.
You can only set up one security question for your Zoho account.
To set up a security question for your Zoho account:
- Sign in to your Zoho account.
- Click Security Question under Security.
- Click Add a security question.
- You can either choose a question from the dropdown, or create your own question.
- Fill in the answer, the click Next.
- Enter your account password, then click Next.
Because the security question is used to regain access to your account you must ensure that you are the only person who knows the answer to the question.
Allowed IP address
The Allowed IP address is an IP address or a range of IP addresses you can set up for your Zoho account to restrict account access. Once configured, you will not be able to sign in to your account via a different IP address.
To set up an allowed IP address for your Zoho account:
- Sign in to your Zoho account.
- Click Allowed IP Address under Security.
- Click Add Allowed IP Address.
- You can either select your current IP address, or manually enter the IP address that is allowed to access your Zoho account. You can also choose a range of IP addresses as allowed IP addresses.
- Click Next.
- Optionally, you name the IP address, then click Add.
Make sure that the IP address you provide is a static IP address. The dynamic IP addresses change and you might get locked out of your account.
To disable IP restriction for your Zoho account:
- Sign in to your Zoho account via the IP address you have configured.
- Click Allowed IP address under Security.
- Click the IP address you want to remove, then click Delete.
Application-Specific Passwords
Application-specific passwords are 12-character passcodes that give an app permission to access your Zoho Mail from various email clients (such as Microsoft Outlook, Mozilla Thunderbird, etc.), Jabber clients, and standalone applications.
If you have enabled multi-factor authentication (MFA):
- You cannot use your Zoho account password directly to access POP/IMAP email clients.
- You must use an application-specific password to access those applications. This is because even if the email client is compromised, you can still protect your Zoho account by revoking the application-specific password you generated for the email client.
We recommend using application-specific passwords for your email clients even if you haven't enabled MFA for your Zoho account.
To generate an application-specific password for your Zoho account:
- Sign in to your Zoho account.
- Click Application Specific Passwords under Security.
- Click Generate New Password.
- Enter a name for the application you want to create a password for, then click Generate.
- Make a note of the generated password, as for security purposes it will not be displayed again.
Device Sign-ins
Device Sign-ins provides you a list of devices you have used to sign in your Zoho account. Each device in the list will provide you information, such as the name of the browsers you've signed in and the time of the account sign in.
To remove a browser session from your device:
- Sign in to your Zoho account.
- Click Device Sign-ins under Security.
- Click the device you want to view.
- Click of the browser you wanted to remove.