Setting up Two-Factor Authentication - Zoho OneAuth Authenticator

Zoho OneAuth Authenticator is a multi-factor authentication application that allows you to secure your online accounts. The Zoho OneAuth Authenticator application can be installed on your smartphone or tablet devices. After configuring OneAuth, the OTP Authenticator in OneAuth generates a 6-digit number for every 30 seconds that must be entered as the second factor of authentication. Find below the steps to configure Zoho OneAuth Authenticator in Password Manager Pro:

Sequence of Events

Following is the sequence of events involved in using Zoho OneAuth - Authenticator as the second factor:

  1. A user tries to access the Password Manager Pro web interface
  2. Password Manager Pro authenticates the user through Active Directory or LDAP or locally (first factor)
  3. Password Manager Pro prompts for the second-factor credential through Zoho OneAuth - Authenticator
  4. User enters the six-digit token that you see on the app GUI
  5. Password Manager Pro grants the user access to the web interface

Steps Required

  1. Configuring TFA in Password Manager Pro
  2. Enforcing TFA for Required Users
  3. Connecting to Password Manager Pro Web Interface when TFA via Zoho OneAuth - Authenticator is Enabled

1. Configuring TFA in Password Manager Pro

  1. Navigate to Admin >> Authentication >> Two-Factor Authentication.
  2. Choose the option Zoho OneAuth Authenticator and click Save.

  3. Then, click Confirm to enforce Zoho OneAuth - Authenticator as the second factor of authentication.

2. Enforcing TFA for Required Users

  1. Once you confirm Zoho OneAuth Authenticator as the second factor of authentication, a new window will prompt you to select the users for whom TFA should be enforced.
  2. You can enable or disable TFA for a single user or multiple users in bulk from here.
    1. To enable TFA for a single user, click on the 'Enable' button beside their respective username.
    2. For multiple users, select the required usernames and click on 'Enable' at the top of the user list.
    3. Similarly, you can also 'Disable' TFA from here.

  3. You can also enforce TFA for the users by navigating to Users >> More Actions >> Two-factor Authentication.

3. Connecting to Password Manager Pro Web Interface when TFA via Zoho OneAuth - Authenticator is Enabled

Prerequisite

To make use of Zoho OneAuth - Authenticator as the second factor of authentication, first install Zoho OneAuth - Authenticator app in your smart phone or tablet. Zoho OneAuth officially supports Android, iPhone and iPad devices. To know more about Zoho OneAuth, click here.

Connecting to Password Manager Pro web interface

The users for whom TFA is enabled, will have to authenticate twice successively. As explained above, the first level of authentication will be through the usual authentication. That is, the users have to authenticate through Password Manager Pro's local authentication or AD/Azure AD/LDAP authentication. If the administrator has chosen the TFA option "Zoho OneAuth - Authenticator", the TFA will happen as detailed below:

  1. Upon launching the Password Manager Pro web-interface, the user has to enter the credentials (local authentication or Azure AD/AD/LDAP) and click Login.
  2. Associating Zoho OneAuth - Authenticator with your account in Password Manager Pro: When you are logging in for the first time after enabling TFA through Zoho OneAuth - Authenticator, you will be prompted to associate it with your account in Password Manager Pro.
    1. Launch the Zoho OneAuth app in your mobile device/tablet and tap Authenticator from the bottom pane.
    2. Choose the '+' button or click Add new.
    3. Then, select 'Scan a QR secret' and point your device to the QR code shown in the GUI such as the image displayed below. This will automatically configure Zoho OneAuth - Authenticator to start generating authentication codes for Password Manager Pro.
    4. After completing this, you can enter the current token for authentication in the text box.
  3. If you have trouble scanning the QR code, the automatic setup will not work. Alternatively, you can carry out the following manual steps in the Zoho OneAuth - Authenticator app in your device.
    1. Choose the '+' button or click Add new.
    2. Select Enter secret manually and mention the Issuer Name (PMP) and Name.
    3. Mention the alphanumeric string as the Secret and select Done.
  4. Zoho OneAuth - Authenticator is now setup and it will start generating codes periodically. Enter the current code to continue logging in to Password Manager Pro.

Troubleshooting Tip

As mentioned earlier, the Zoho OneAuth - Authenticator is associated with your Password Manager Pro account. If you ever lose your mobile device/tablet OR if you accidentally delete the Zoho OneAuth - Authenticator app on your device, you will still be able to get tokens to log in to Password Manager Pro. In such scenarios,

  1. Click the link "Have trouble using Zoho OneAuth - Authenticator?" in the Password Manager Pro login screen.
  2. You will be prompted to enter your Password Manager Pro Username and the Email address associated with Password Manager Pro.
  3. You will receive instructions to get Zoho OneAuth - Authenticator again via the above mentioned Email.
Top