It’s easier to keep your Zoom calls secure when two-factor authentication is turned on.
What you need to know
- Zoom has enabled two-factor authentication for all users on its mobile and desktop apps.
- You can now secure your Zoom account with SMS or an authenticator app.
- It’s available to users on all tiers, whether free or paid.
Zoom has enabled two-factor authentication (2FA) on its service, allowing customers to secure their account with an extra layer of protection. It will work on the web app, as well as the mobile and desktop clients.
“With Zoom’s 2FA, users have the option to use authentication apps that support Time-Based One-Time Password (TOTP) protocol (such as Google Authenticator, Microsoft Authenticator, and FreeOTP), or have Zoom send a code via SMS or phone call, as the second factor of the account authentication process,” the Zoom team wrote in a blog post, alongside instructions for enabling the feature. The Verge adds that Zoom will offer this feature to all customers, including those on the free tiers.
It’s worth noting that while Zoom has SMS two-factor authentication, it’s one that we strongly recommend against using.
Android Central’s Jerry Hindelbrand explained why not to in August, saying:
Getting a 2FA code via a text message isn’t all that different from getting one from an authenticator app. The issue is with the execution. When you rely on SMS for those codes, you’re subject to things like a man in the middle attack, where someone intercepts your messages, or SIM jacking — that’s where someone convinces your carrier to give them a new SIM card using your number. Once that happens, you no longer control access to your account.
That being said, the addition of two-factor authentication to the service is a net-good which brings it up to par with Google Meet in terms of security, at least on that front.