Multi-Factor Authentication (MFA) in Customer Portal

Multi-Factor Authentication (MFA) is a security process that requires users to provide two or more verification factors to gain access to an account, system, or application. This adds an extra layer of protection beyond just a username and password. This reduces the risk of unauthorized access, even if one factor, like a password, is compromised.

Zoho Billing allows you to enable Multi-Factor Authentication (MFA) in the Customer Portal to enhance customer’s account security and protect them from unauthorized access. Customers can configure MFA by scanning a QR code using an authenticator app, such as OneAuth or Google Authenticator. After configuration, customers can use Time-based One-Time Password (TOTP) to log in to their portal.

Enable Multi-Factor Authentication for Customer Portal

To enable MFA for Customer Portal:

• Navigate to Settings.
• Select General under Customer Portal.
• Check Enable multi-factor authentication (MFA).
• Click Save.

MFA will be enabled for your customers’ portal. After configuring MFA, your customers will have to use TOTP along with their credentials to log in to their portal.

How your customers can configure Multi-Factor Authentication?

Once you have enabled multi-factor authentication for the Customer Portal, your customers can use an authenticator app (such as OneAuth, Google Authenticator) to configure it.

To configure MFA, your customers will have to:

• Navigate to the Customer Portal login page.

• Enter their credentials.

• Click Configure in the Enable MFA for their account page.

• Scan the QR code using their authenticator app.

  Insight: They can also manually enter the authentication code in their authentication app.

• Click Next once they get the OTP on the authenticator app.

• Enter the OTP from the authenticator app.

• Click Verify.

• Click Enable MFA.

  Pro Tip: Your customers can download backup verification codes to recover their account in case they lose access to the authenticator app. To generate backup codes from the Enable MFA for your account screen, your customers will have to:

  • Click Generate Backup Codes.
  • Click Download or Copy and save them securely.
  • Click Continue to Sign In.

  5 backup codes will be generated, which they can use once for each code if they are unable to sign in with MFA. Alternatively, you can also reset MFA for their customer portal.

Now your customers have to log in using the TOTP from the authenticator app.

Reset MFA for Customers

If a customer loses access to their authenticator app and does not have backup codes, you can reset multi-factor authentication for them.

To reset MFA for a customer:

• Navigate to the Customers module.
• Select the customer.
• Click the gear icon next to their email address.
• Select Reset Portal MFA.

Multi-factor authentication will be reset for the customer, and the customer will have to configure it again to log in to the customer portal.

Disable Multi-Factor Authentication for Customer Portal

To disable multi-factor authentication for the Customer Portal:

• Navigate to Settings.
• Select General under Customer Portal.
• Unmark Enable multi-factor authentication (MFA).
• Click Save.

Multi-factor authentication will be disabled for the Customer Portal.

Was this document helpful?

Yes

No

Let us know where we can improve

We can wait. Take your time to draft us your question.

Umm.. where do we send the response?

By clicking Submit, you agree to our Privacy Policy.

Submit Cancel

Thank you for your feedback!