Troubleshoot MFA related issues

Introduction

If you have set up multi-factor authentication (MFA) to protect your Zoho account and have issues signing into your account, we will help you regain your account access. The first thing you need to do after regaining account access is switching to a different authentication mode. In case you cannot switch to a different authentication mode, disable MFA for the time being.

OneAuth

If you have set up multi-factor authentication to protect your Zoho account using OneAuth and have uninstalled the app without disabling MFA, lost your phone, or upgraded to another phone without backing up your data, you will be locked out of your Zoho account.
You must sign into your Zoho account on the OneAuth app to regain control of the MFA configured for your account.

You need to allow OneAuth to send notifications. We will only send you notifications when you need to sign in.

Case 1: If you have a backup verification code.

Solution:

1. Download and install the OneAuth app on iOS or Android.
   
2. Enter your login credentials and click Sign In.
   
3. Click Can't access your smart phone?
   
4. Choose I already have the one time backup verification code and click Proceed.
   
5. Enter your backup verification code and click Verify Code.
   
6. Choose Setup your authentication mode and make this my primary device option on the Account Configuration page.
   

Case 2: If you don't have a backup verification code and your authentication mode is NOT Face ID or Touch ID.

Scenario 1: You have added a backup phone number.

Solution:

1. Download and install the OneAuth app on iOS or Android.
   
2. Enter your login credentials and click Sign In.
   
3. Click Can't access your smart phone?
   
4. Identify your backup phone number and click Send.
   
5. Enter the verification code and click Verify Code.
   
6. Choose the Setup your authentication mode and make this my primary device option on the Account Configuration page.
   

Scenario 2: You have not added a backup phone number

Solution: Contact Zoho Accounts support to regain access to your account.

Case 2:If you don't have a backup verification code and your authentication mode is Face ID or Touch ID

Solution: Contact Zoho Accounts support to regain access to your account.

Mobile-based OTP

If you are facing any of the below issues, then you can follow these instructions to gain access to your account back.

1. You have changed your mobile number and you do not have access to the old number.
   
2. You are in a different country and you do not have network to receive an OTP.
   
3. You haven't received an OTP.
   
4. You device is lost or stolen.

1. If you have a trusted browser, you will not require MFA to sign in to your account from that browser. Try using your trusted browser to sign in.
   
2. If you have set up other MFA modes, you can try verifying your identity via any of those modes.
   
3. If you have a backup verification code, you can use that to verify your identity.
   
4. If you don't have any backup verification codes, you can contact Zoho Accounts support to receive a backup verification code.
   

Time-based OTP

If you face any of the below issues, follow these instructions to resolve it.

Issue 1: I am receiving an Incorrect OTP error

1. Make sure you are using the OTP generated under the correct label in your authenticator app.
   
2. This issue may occur if you are using Google Authenticator and the app's time is not synced correctly. To sync time:
   
1. iOS
   
1. Navigate to Settings.
   
2. Tap General, then Date and Time.
   
3. Turn on Set Automatically.
   
2. Android
   
1. Go to Settings in Google Authenticator.
   
2. Tap Time correction for codes.
   
3. Tap Sync now.
   
3. If you have a trusted browser, you will not require MFA to sign in to your account from that browser. Try using your trusted browser to sign in.
   
4. If you have set up other MFA modes, you can try verifying your identity via any of those modes.
   
5. If you have a Backup verification code, you can use that to verify your identity.
   
6. If you don't have any Backup verification codes, you can contact Zoho Accounts support to receive a Backup Verification code.
   

Issue 2: My device is lost or stolen

1. If you have a trusted browser, you will not require MFA to sign in to your account from that browser. Try using your trusted browser to sign in.
   
2. If you have set up other MFA modes, you can try verifying your identity via any of those modes.
   
3. If you have a Backup Verification code, you can use that to verify your identity.
   
4. If you don't have any Backup verification codes, you can contact Zoho Accounts support to receive a Backup Verification code.
   

Yubikey

If you face any of the below issues, follow these instructions to resolve it.

Issue 1: YubiKey is not working in my computer

Follow these steps if the YubiKey isn't recognized or not working.

1. Insert the YubiKey and confirm the LED turns on. If not, try flipping it over, as some USB ports are oriented differently.
   
2. If your YubiKey is blinking continuously, unplug it and try again. 
   
3. Make sure the YubiKey shows up as "YubiKey OTP+FIDO+CCID" or similar, depending on the model of YubiKey
   

To check whether your YubiKey is connected to your computer:

1. For Windows, check Devices and Printers in the Control Panel.
   
2. For MacOS, check Apple Menu > About This Mac > System Report, and look under Hardware > USB.
   
3. For Linux, type "dmesg" in Terminal. 
   

Issue 2: My device is lost or stolen

1. If you have a trusted browser, you will not require MFA to sign in to your account from that browser. Try using your trusted browser to sign in.
   
2. If you have set up other MFA modes, you can try verifying your identity via any of those modes.
   
3. If you have a Backup Verification code, you can use that to verify your identity.
   
4. If you don't have any Backup Verification codes, you can contact Zoho Accounts support to receive a Backup Verification code.
   

General Issues

Mail clients and other third-party applications not working after enabling MFA

If you have enabled Multi-factor Authentication (MFA), you cannot use your Zoho Account password directly to access POP/IMAP email clients. You must use an Application Specific Password to access those applications. This way even if the email client is compromised, you can still protect your Zoho Account by revoking the Application specific password.

• Related Articles

• Troubleshoot password related issues

  How do I change my account password? Sign into your Zoho account . Click Security and then click  Change Password . Enter your current password and new password. Re-enter your new password and click  Save . You can additionally terminate your active ...

• Troubleshoot sign-in related issues

  Why can't I access my Zoho account? If you're unable to access your Zoho account, one of the following cases might be the reason. You've reached the daily sign-in limit. You've have reached maximum sign-in attempts Your IP address is restricted from ...

• Implementation or Troubleshoot Access

  You can provide temporary access of your Orchestly account to our technical support team to help build workflows in your organization or troubleshoot issues.  How to provide access Navigate to your Profile at the upper-right corner of the page and ...

• Link issues

  Link issues and create dependencies to track and close them. You can associate issues based on a criterion, restrict issue closure, set dependencies, duplicate and clone issues. And you can link issues using the default link types such as Blocks, ...

• Troubleshoot SAML related errors

  Error Message Reason Solution Your organization has configured SAML authentication, please sign in via SAML credentials You cannot sign in to your Zoho account via any linked account, if your organization has mandated you to sign in only through SAML ...