The popular and controversial video conferencing app, Zoom, recently added a new security feature. The announcement was made a few days ago that Zoom desktop and mobile now support 2FA sign-in. That’s great news for both regular users and administrators who want to keep hackers at bay. The question is, how do you add or enable 2FA on Zoom? The process is not as intuitive as it should be.
Note that there are a number of 2FA apps available for both desktop and mobile platforms, and choosing one can be a chore. We will talk about which one you should use and why. But before we get to that, let’s take a quick look at what 2FA is, how it works, and why you should care.
What Is 2FA
You need an ID and password to sign in to your Zoom account. This is true for any other app or service. The ID is usually your email address or mobile number, followed by the password. There have been numerous instances where login details were hacked by the thousands. At this point, I would like to mention this useful site that can help you find out if your sign-in details have been pwned.
What 2FA does is add an additional layer/step to the sign-in requirement, instantly making it that much more difficult for a hacker to log in to your account. Now, when a hacker uses your account details to log in, he/she/they will need to enter a unique 6-digit code that is generated in real time. They won’t have this because it is generated by a 2FA app installed on your phone. It can also be sent to your mobile number via SMS, but that’s not recommended.
A 2FA code generated via an app like Google Authenticator is much more secure because the data is localized and encrypted. That means it is never shared on the internet, is stored locally in your phone’s memory, and is encrypted. The last part makes sure that even if your phone is compromised, the hackers won’t be able to view the codes.
And it costs nothing.
Now that you know why you need 2FA and how it works, let’s take a look at some of the best 2FA apps that you can use to set up Zoom.
Enable 2FA on Zoom
One of the most popular 2FA apps, Google Authenticator is free, secure, and comes with features like Transfer Account where you can move all your codes to a new phone in case you buy a new one.
Here’s the thing. Zoom says you will find the 2FA option under Advanced > Security but in my case, it was buried under the Profile tab.
Once you find it, the steps are easy. Click on Turn on to the right of the screen. You will be asked to enter your password again for security purposes. This is also true when you want to disable 2FA. The problem occurs when you don’t know your password because you used Google or Facebook to sign in. I tried using the ‘Forgot password’ option to generate a new password but that didn’t work either. A quick search on Twitter revealed that there are other users facing similar issues. Apparently, there is no way to enable 2FA without entering the password. They didn’t think it through. I have reached out to Zoom for a response and will update when I get one.
Click on Set Up on the next screen to begin the process. Again, I suggest you go for the Authenticator App option rather than SMS because the latter is not as safe, with numerous instances of SIM swapping attacks surfacing over the last few years.
Enter the password again. You will now be shown a QR code. Scan it with your favorite 2FA app. I will be using Google Authenticator for the purpose of this guide, but you can use any as long as it is a trusted name. Some notable options are Authy and Microsoft Authenticator. Download and install the app and you should notice an option (usually a + sign) to scan new QR codes. There are apps available for Windows and macOS too, but I recommend a mobile app so you can access it on the move and anywhere.
The moment you scan the QR code, you should hear a confirmation sound on your app and a 6-digit code should be visible with a 30-second timer next to it. The code will change/expire automatically every 30 seconds for security, making it that much harder for hackers to gain access to your account. Note that 2FA codes will continue to generate even when you are not connected to the internet.
Click on Next below the QR code when everything looks as described above on your phone’s screen.
Next, enter the 2FA code you see in the 2FA app on your phone to confirm that you have scanned the QR code and that it is working correctly. Then click on Verify.
You will now see a bunch of new codes on the screen. These are the backup or recovery codes that you must store somewhere safe, preferably offline. I suggest you take a printout, which is the most recommended method. You will find both Print and Download options below. You can use these to sign in if 2FA codes are not working or if your phone is lost, stolen, or broken.
Click on Done when you are finished.
Go back to the same menu to disable the 2FA code option. A new QR code, as well as backup codes, is generated every time you disable and enable this option. That means you should disable/enable 2FA if you believe your codes have been compromised. You can backup/recovery codes too in case you lose access to the printed paper, but I suggest you regenerate a new set using the above method.
Another way to take a backup is to take a screenshot of the QR code itself and print it. That way, you can rescan the code anytime you want on any 2FA app installed on any phone. Make sure you secure these printouts.
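Why the code changes every 30 seconds without an internet connection, and why a printed QR code must be protected like the phone itself: the sketch below is an added example, not code from Zoom or from any authenticator app. It assumes the QR code decodes to a standard otpauth:// TOTP URI (RFC 6238 with HMAC-SHA1); SAMPLE_URI, parse_otpauth, totp and verify are names made up for the example.

```python
import base64
import hashlib
import hmac
import time
from urllib.parse import parse_qs, urlparse

# Constructed sample of what an enrollment QR code decodes to. The secret is
# the RFC 6238 test key, not a real account secret.
SAMPLE_URI = ("otpauth://totp/Example:user@example.com"
              "?secret=GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ&issuer=Example&period=30")


def parse_otpauth(uri):
    """Extract the shared secret and parameters from an otpauth:// URI."""
    parts = urlparse(uri)
    if parts.scheme != "otpauth" or parts.netloc != "totp":
        raise ValueError("not a TOTP enrollment URI")
    q = parse_qs(parts.query)
    b32 = q["secret"][0].upper().replace(" ", "")
    b32 += "=" * (-len(b32) % 8)  # secrets in QR codes often omit padding
    return {"key": base64.b32decode(b32),
            "digits": int(q.get("digits", ["6"])[0]),
            "period": int(q.get("period", ["30"])[0])}


def totp(params, now=None):
    """RFC 6238 code (HMAC-SHA1) for the time step that contains `now`."""
    now = time.time() if now is None else now
    counter = max(int(now), 0) // params["period"]
    mac = hmac.new(params["key"], counter.to_bytes(8, "big"), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation from RFC 4226
    value = int.from_bytes(mac[offset:offset + 4], "big") & 0x7FFFFFFF
    return str(value % 10 ** params["digits"]).zfill(params["digits"])


def verify(params, code, now=None, drift_steps=1):
    """Service-side check: accept the current step plus or minus clock drift."""
    now = time.time() if now is None else now
    return any(hmac.compare_digest(totp(params, now + d * params["period"]), code)
               for d in range(-drift_steps, drift_steps + 1))


if __name__ == "__main__":
    phone = parse_otpauth(SAMPLE_URI)     # device that scanned the QR code
    printout = parse_otpauth(SAMPLE_URI)  # anyone who rescans a printed copy
    print(totp(phone), totp(printout))    # same code on both, no network used
```

Everything needed to produce valid codes is the secret in the URI plus the current time, so any copy of the QR code is a full copy of the second factor.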
Wrapping Up: Enable 2FA in Zoom
The steps to enable 2FA in Zoom are pretty straightforward, but only when you are using a password to sign in. Most users have created an account using Google or another sign-in option, which only complicates the issue. I wish it was as simple as all things Zoom. The reason it took off during the pandemic was its simplicity. It just worked out of the box. I have run into this problem on some other platforms too, but using the forgot password trick worked every time.
Stay tuned for an update and continue zooming.