Zoom adds two-factor authentication to all accounts

Zoom has added two-factor authentication (2FA) for all user accounts to help prevent security breaches on the video chat platform.

The roll-out identifies users by requiring them to present two or more pieces of evidence, or credentials, that authenticate their ownership of the account, such as something the user knows (a password or pin), something the user owns (a smart card or mobile device), or something the user has (fingerprints, voice).

A statement from the company explained that the enhanced security will help prevent hackers 'video bombing' unsuspecting users, while also helping companies using the platform meet compliance obligations for sensitive data and customer information.

"With Zoom’s 2FA, users have the option to use authentication apps that support Time-Based One-Time Password (TOTP) protocol such as Google Authenticator, Microsoft Authenticator and FreeOTP, or have Zoom send a code via SMS or phone call, as the second factor of the account authentication process," explained a company blog post.

Zoom has experienced rapid growth during the Coronavirus lockdown, but with it has come increased scrutiny of its existing security policies. To counter concerns, in April the business hired Facebook's chief security officer Alex Stamos as an advisor, followed by the acquisition of secure messaging and file-sharing service Keybase in May.

Commenting on the move, OneLogin's senior director of trust and security Niamh Muldoon noted that in order for 2FA to be effective, users will need to enable it. She also argued that the growing sophistication of phishing threats means traditional forms of 2FA like SMS and OTP are becoming risky.

"Zoom should introduce more modern forms of 2FA like WebAuthn, which leverages device-based encryption to prevent even advanced malware and man-in-the-middle phishing attacks."

    Share Story:

Recent Stories


Bringing Teams to the table – Adding value by integrating Microsoft Teams with business applications
A decade ago, the idea of digital collaboration started and ended with sending documents over email. Some organisations would have portals for sharing content or simplistic IM apps, but the ways that we communicated online were still largely primitive.

Automating CX: How are businesses using AI to meet customer expectations?
Virtual agents are set to supplant the traditional chatbot and their use cases are evolving at pace, with many organisations deploying new AI technologies to meet rising customer demand for self-service and real-time interactions.