Zoom has finally let users employ the single best way to prevent account takeovers: two-factor authentication (2FA).
If you have 2FA turned on, it will be much harder for hackers or other intruders to hijack your Zoom account, even if they do have your email address and password.
Anyone logging in from a device or web browser you haven't used before will have to present a second "factor" of identity, such as proof that they physically have your cellphone.
- Zoom security issues: Here's everything that's gone wrong (so far)
- The best webcams you can buy now
- Just in: Google Meet just got two killer upgrades to beat Zoom
Zoom offers three different factors which can be set up separately or together, according to a company blog post last week. You can provide your mobile phone number so that Zoom can send you a six-digit code either via a phone call or an SMS text message.
You can also register a mobile authenticator app such as Authy or Google Authenticator, and the app will generate the six-digit code right on your phone -- no text message or phone call needed.
We recommend using an authenticator app as the primary 2FA method. It's a lot more secure than using SMS text messages or phone calls, because hackers can fairly easily capture or forward texts and calls.
Dozens of services support 2FA authenticator apps, including Amazon, Dropbox, Facebook, Google, PayPal and Twitter. And you can still set up SMS text-message codes as a backup in case your authenticator app doesn't work.
Either Authy or Google Authenticator will do, as will FreeOTP or Microsoft Authenticator. Some password managers, including LastPass, also offers authenticator apps or build them right into their own apps.
How to set up your Zoom account with 2FA
You'll need to have both your mobile phone and a desktop or laptop computer handy. If you're setting up an authenticator app, make sure it's installed and running on your phone before beginning the Zoom 2FA setup process.
- Log into your Zoom account in a desktop web browser.
- Click on My Account in the upper right of the screen.
- Select Profile in the left-hand navigation bar.
- Scroll down to Two-Factor Authentication near the bottom of the page and turn it on.
Then you've got to select Authentication App, SMS or both. (We weren't presented with an option to select a phone call.) Let's do Authentication App first.
- Select Authentication App in your Zoom profile page and type in your password.
- Add a new entry in your phone's authenticator app.
- Point the phone's camera at the QR code displayed on the Zoom web page on your computer's screen.
- Type the six-digit temporary code in the Zoom entry on the authenticator app into the Zoom web page on your computer to verify the registration.
And here's how to set up a phone number to receive 2FA codes via SMS text message or telephone calls.
- Select SMS and type in your Zoom password.
- Type in your mobile phone number, including country code (there's a drop-down menu).
- Type in the six-digit temporary code that Zoom texts you into the Zoom web page.