Managing two-factor authentication (2FA)

Two-factor authentication (2FA) is a two-step sign-in process that requires a one-time code from a mobile app or text message in addition to the main Zoom sign-in for users with the work email (email and password) login type. This provides an additional layer of security since users will need access to their phone to sign in to the Zoom web portal, desktop app, mobile app, or Zoom Room.

Admins can enable 2FA for users, requiring them to set up and use 2FA. Admins can also reset an existing 2FA setup if a user has lost access to their 2FA app. 

Note: If two-factor authentication is disabled, users with a work email login type are required to enter a time-based one-time password (OTP) sent to their email if Zoom detects an unusual login from a different country or device than normal.

Requirements for two-factor authentication (2FA)

Enable 2FA

Set up and use 2FA

Table of Contents

How to enable 2FA (admin)

You can enable two-factor authentication for all users in your account, users with specific roles, or users in specific groups.

  1. Sign in to the Zoom web portal as an admin.
  2. In the navigation menu, click Advanced then Security.
  3. Under Security, click the Sign in with Two-Factor Authentication toggle to enable or disable it.
  4. If a verification dialog appears, click Enable or Disable to verify the change.
  5. Select one of these options to specify users to enable 2FA for:
  6. If user roles or groups were specified, click Save to confirm the changes. 
    Note: You can share the instructions to set up 2FA with your users.
  7. Under Authentication Methods, enable or disable one of the following authentication methods.
  8.  Click Save to apply your changes.

How to reset 2FA for a user

You can reset a current 2FA setup if a user lost access to their 2FA setup. For example, they misplaced their device, uninstalled the 2FA app, or removed Zoom from their 2FA app.

  1. Sign in to the Zoom web portal as an admin.
  2. In the navigation menu, click User Management then Users.
  3. Click the Email/Name ID of the user you want to reset 2FA for and go to their profile.
  4. Under Sign In, find Two-factor Authentication and click Reset.
    The next time the user signs in to Zoom, they will be prompted to set up 2FA again in the web portal.

Reset two-factor authentication for select users

  1. Sign in to the Zoom web portal as an admin.
  2. In the navigation menu, click Advanced then Security.
  3.  Under Security, click Reset two-factor authentication for select users in your account.
  4. In the Reset two-factor authentication dialog box, enter the email address or username that you want to reset.
    Note: All of the selected users' configurations will be reset.
  5. Enter your password to reset the two-factor authentication.

  6. Click Reset for ___ User(s) to confirm.

How to set up 2FA (user)

If your Zoom admin has enabled two-factor authentication (2FA) for you, you need to set up 2FA when you sign in to the Zoom portal.

  1. Sign in to the Zoom web portal after your admin has enabled 2FA.
  2. Select Authentication App or SMS as your authentication method.
  3. Follow one of these sections depending on what you selected:

Use two-factor authentication through the authentication app

  1. Open the 2FA app on your mobile device.
  2. Tap the option to scan a QR code. Look for a camera or QR code icon.
  3. Sign in to the Zoom web portal to get the QR code.
  4. In the navigation menu, click Profile.
  5. Under the Sign In section, to the right of Two-Factor Authentication, click Turn On.
  6. Enter your password to turn on two-factor authentication.
  7. Click Next.
  8. To the right of Authentication App, click Set Up.
  9. Re-enter your password, then click Next.
  10. Scan the QR code using the 2FA app on your mobile device.
    The 2FA app will generate a 6-digit, one-time code.
  11. Click Next.
  12. Enter the 6-digit code, then click Verify.
    Zoom will display a list of recovery codes. If you lose your mobile device, you can use a recovery code instead of a generated 6-digit code to sign in.
    Note: If you aren't able to verify the code. Click Back to display the QR code again.
  13. Click Download or Print to store the recovery codes. Each recovery code can only be used once.
  14. Click Done.

Use two-factor authentication through SMS

  1. Select a country code for your phone number.
  2. Enter a phone number where you will receive 2FA codes. Do not enter any hyphens.
  3. Click Send code.
    Zoom will send a 6-digit, one-time code to your number.
  4. Open the SMS sent by Zoom.
  5. Copy the code in the SMS, then paste it in the Zoom web portal.
  6. Click Verify.
    Zoom will display a list of recovery codes. If you lose your mobile device, you can use a recovery code instead of a generated 6-digit code to sign in.
    Note: If you aren't able to verify the code. Click Back then try again.
  7. Click Download or Print to store the recovery codes. Each recovery code can only be used once.
  8. Click Done.

How to sign in using 2FA (user)

  1. Sign in to the Zoom web portal, desktop app, mobile app, or Zoom Room.
    If you set up 2FA using SMS, click Send code.
    Zoom will ask for the code generated from your 2FA app, or the code sent to you using SMS.
  2. Open the 2FA app on your phone or view the SMS from Zoom.
  3. Enter the 6-digit code displayed on the 2FA app or SMS.
  4. Click Verify.

How to sign in using a 2FA recovery code (user)

If you no longer have access to your 2FA codes (for example, you misplaced device, uninstalled your 2FA app, or removed Zoom from the 2FA app), you can sign in using a recovery code you obtained when you set up 2FA.

Note: You can also contact your admin to reset your 2FA setup. When you sign in to the Zoom web portal, desktop app, or mobile app, you will be prompted to set up 2FA again. 

  1. Sign in to the Zoom web portal, desktop app, mobile app, or Zoom Room.
  2. Click Enter a recovery code or Enter a Recover Code instead.
  3. Enter one of the recovery codes you obtained during setup. Each recovery code can only be used once.
  4. Click Verify to sign in.
  5. (Optional) If you lost access to your 2FA device, edit you existing 2FA setup to add a new device.

How to edit your 2FA setup (user)

After setting up 2FA, you can edit your existing setup if you want to remove a device, set up 2FA on another device, or view recovery codes.

  1. Sign in to the Zoom web portal. 
  2. In the navigation menu, click Profile.
  3. Under Sign In, in the Two-factor Authentication section, use these options to set up 2FA on a new device or remove an existing setup: