Two-Factor Authentication (2FA/MFA)

  • Updated

This article is written for: Zello Work Zello Friends & Family.

Two-factor authentication (2FA; often interchangeably referred to as multi-factor authentication or MFA) adds an additional layer of security to your admin console’s sign in process. When 2FA is enabled, console sign in will require admins enter a username, password, AND specialized access code sent to either their preferred email address or phone number.

Network admins can enable 2FA from the management console, but only for themselves; admins cannot enable 2FA for other admins. 

Why enable 2FA for the management console

Zello Work admins can access privileged information regarding their network from the management console, including but not limited to billing information, messages stored in the cloud (if Message Vault is enabled), channel and user settings, user locations, and more. For this reason, admins may want to enable 2FA—it’s an extra layer of security that protects both your company and network users. 

  • 2FA codes expire within 10 minutes of sending. Request a new code if yours expires before you’re able to sign in. 

  • When 2FA is enabled, you will be prompted to sign in with a new code every 30 days. 

  • Sign ins from a new or different browser prompt 2FA.

How to enable 2FA

Please note that individual users must enable 2FA for themselves. Even if a network has multiple admins, one admin can’t enable 2FA for another admin. Learn more about admin permissions. 

  1. Sign into your network’s management console at yournetworkname.zellowork.com
  2. Select the Users tab. Then, select your username from the user list.
    mfa users.png
  3. Locate the two-factor authentication option under your User Details. Click Enable.
    mfa user details.png
  4. Provide an email address or phone number you’d like your 2FA codes to be sent. Ensure you’re opting for a contact method you consistently—and chronically— have access to. Then, click Continue.
    mfa continue.png
  5. 2FA will begin working immediately; upon submitting an email/phone number, you’ll be prompted to enter an access code. Doing so will complete your 2FA enablement process.

Disabling 2FA 

Primary admins can disable 2FA for secondary admins. Primary admins cannot, however, enable 2FA for secondary admins. 

To disable 2FA, repeat the steps taken for its initial enablement. Click the Disable link located under the User Details section of your profile:

mfa disable.png

Audit log

Zello will keep an audit log that includes:

    • When 2FA is enabled
    • When 2FA is disabled
    • When a user is prompted to complete 2FA