Zoom makes 2FA available for all its users

Zoom now supports phone calls, text messages and authentication apps as forms of two-factor authentication  

Zoom now supports phone calls, text messages and authentication apps as forms of two-factor authentication  

Zoom is rolling out support for two-factor authentication (2FA) across its web, desktop, and mobile applications, allowing users to double down on the security of their accounts with an extra layer of protection. 

For context, 2FA systems require users to pass authentication challenges that need responses from two different factors. There are three classic authentication factors that are commonly used – something you know like a password or PIN code, something you have such as physical keys  or authentication apps, and something you are — this includes biometrics like fingerprints or retina scans. 

The videoconferencing platform announced the new security feature in a blog stating: “Zoom’s enhanced Two-Factor Authentication (2FA) makes it easier for admins and organizations to protect their users and prevent security breaches right from our own platform.” In a statement provided to The Verge, the company confirmed that it is making the feature available to all its users across the board, including those using its free plan. 

Zoom also described the ways users can authenticate themselves while signing into their accounts, “With Zoom’s 2FA, users have the option to use authentication apps that support Time-Based One-Time Password (TOTP) protocol (such as Google Authenticator, Microsoft Authenticator, and FreeOTP), or have Zoom send a code via SMS or phone call, as the second factor of the account authentication process.” 

RELATED READING: Privacy watchdogs urge videoconferencing services to boost privacy protections

While using SMS text messages as a form of two-factor authentication is better than not using one at all, it’s preferable to opt for one of the supported authentication apps, especially since it makes it more difficult for cybercriminals to access your account even if you become a target of a SIM swapping attack. 

The video communication company also allows users to use recovery codes to sign into their accounts in the event that their device gets lost or stolen. You can check out the whole process of activating 2FA as well as using recovery codes on the platform’s help center 

With the COVID-19 pandemic surging outside forcing a lot of companies to transition to remote working, Zoom, and other videoconferencing and communication services have enjoyed a boost in popularity. However, the company has also been in the spotlight due to the privacy and security issues it had been experiencing after users flocked to its platform in large numbers. If you’re a Zoom user, you should also check out our article on getting your Zoom security settings right 

Sign up to receive an email update whenever a new article is published in our Ukraine Crisis – Digital Security Resource Center