In our previous blogs in the OneAuth Reborn series, we covered passwordless authentication and OneAuth's built-in OTP authenticator. Today, let's dive into OneAuth's alternate verification and recovery modes.
Multi-factor authentication (MFA) usually includes two levels of authentication: what you know and what you have. So you enter your password (something you know) and then enter an OTP, accept a push notification, or scan a QR code to authenticate yourself (something you have access to). If you forget your password, you can always reset it, but when it comes to the second factor of authentication, you don't usually have that luxury. You have to wait until you receive the OTP or the push notification on your mobile device, which might be delayed by poor network connections. If this happens frequently, it removes the advantage of enabling MFA for an account, since it ends up blocking access to the account rather than securing it. To resolve this, OneAuth has come up with a solution that provides flexibility in user verification.
Introducing alternate verification by OneAuth
OneAuth has three preferred MFA modes: push notification, scanning a QR code, and entering a TOTP. Let's say you chose push notification as your preferred mode of authentication for your Zoho account. If you don't receive the push notification on your device for any reason, OneAuth's alternate verification lets you authenticate with a TOTP or QR code instead by clicking "Sign in another way" on the Zoho Accounts sign-in page.
You can learn more about alternate verification from our help guide.
Passphrase for quick recovery
Whenever an app isn't working, most people's go-to troubleshooting method is to uninstall the app and reinstall it. However, that is not the case with Zoho OneAuth. Once you've configured the app as your primary MFA mode for your Zoho account, you will get locked out of your account if you uninstall it without disabling MFA.
In previous versions of OneAuth, you had only one option to recover the app: backup codes. Backup verification codes are a set of 12-digit one-time codes you can use to recover both your Zoho account and OneAuth. However, many users never generated backup codes and had to turn to Zoho support for help, which caused unnecessary delays and frustration. To avoid that problem, OneAuth now has a DIY recovery option called "Passphrase".
So what is a passphrase?
A passphrase is a backup password you can use to recover OneAuth when you are reinstalling the app. With the passphrase configured, you don't need to approach Zoho support to restore your access to the app. You can learn how to recover your OneAuth app with a passphrase from our help guide.
Besides helping you recover OneAuth, the passphrase is also used to back up your OTP secrets. Your secrets are encrypted using your passphrase with a highly secure encryption algorithm and stored in the Zoho cloud. You can restore those secrets whenever you install the app on a new device.
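The post does not name the algorithm or key-derivation function OneAuth uses. As an added illustration (not Zoho's code), this Node.js sketch assumes scrypt and AES-256-GCM to show how a passphrase can protect OTP secrets before they leave the device; the function names, blob layout and sample secret are constructed for the example.

```javascript
const crypto = require("crypto");

// Assumed parameters (not from the post): scrypt as KDF, AES-256-GCM as cipher.
const KDF = { N: 1 << 15, r: 8, p: 1, maxmem: 64 * 1024 * 1024 };
const HEADER = Buffer.from("otp-backup-v1"); // hypothetical format label, bound as AAD

// Constructed sample data: one OTP entry with a well-known demo secret.
const SAMPLE = [{ issuer: "example.com", account: "alice@example.com", secret: "JBSWY3DPEHPK3PXP" }];

// Stretch the passphrase into a 256-bit key; the salt makes each backup's key unique.
function deriveKey(passphrase, salt) {
  return crypto.scryptSync(passphrase.normalize("NFKC"), salt, 32, KDF);
}

// Runs on the device. Only the returned blob would be uploaded; the
// passphrase and the derived key never leave the client.
function sealBackup(passphrase, otpSecrets) {
  const salt = crypto.randomBytes(16);
  const iv = crypto.randomBytes(12); // fresh nonce for every backup
  const cipher = crypto.createCipheriv("aes-256-gcm", deriveKey(passphrase, salt), iv);
  cipher.setAAD(HEADER);
  const ct = Buffer.concat([cipher.update(JSON.stringify(otpSecrets), "utf8"), cipher.final()]);
  return {
    salt: salt.toString("base64"),
    iv: iv.toString("base64"),
    tag: cipher.getAuthTag().toString("base64"),
    ct: ct.toString("base64"),
  };
}

// Runs on the new device after reinstall. Returns null when the passphrase
// is wrong or the stored blob was modified (GCM tag check fails).
function openBackup(passphrase, blob) {
  const key = deriveKey(passphrase, Buffer.from(blob.salt, "base64"));
  const decipher = crypto.createDecipheriv("aes-256-gcm", key, Buffer.from(blob.iv, "base64"));
  decipher.setAAD(HEADER);
  decipher.setAuthTag(Buffer.from(blob.tag, "base64"));
  try {
    const pt = Buffer.concat([decipher.update(Buffer.from(blob.ct, "base64")), decipher.final()]);
    return JSON.parse(pt.toString("utf8"));
  } catch {
    return null;
  }
}
```

In this sketch the stored blob is useless without the passphrase, so the strength of the passphrase and the cost of the key-derivation step decide how well the backup resists offline guessing.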
The all-new OneAuth provides greater account security for not just your Zoho accounts but also for all other accounts that support Two-Factor Authentication (TFA). Download OneAuth today and let us know what you think about the latest version in the comments section.
Meanwhile, stay tuned for our next blog in the OneAuth reborn series, coming soon!
2 Replies to OneAuth Reborn: Alternate Verification and Recovery Modes
Update: I tried again to recover OneAuth using the passphrase, and it worked after entering an OTP received on my mobile number. It would be cooler to recover only by entering the passphrase, without any need for a mobile number or anything else. I don't know whether that is possible or not. Anyway, Passphrase is a very, very useful update. Thank you so much for this recent update.
Hello, another great update! Thank you so much. I tried to set up my passphrase, but I don't see "Sign in using Passphrase" when I click on "Problem Signing in?". Kind regards, Hasan