Zoom has unveiled two-factor authentication (2FA) for all user accounts, to make it easier to prevent “zoombombing” and other security breaches. Once enabled, the system will require users to enter a one-time code from a mobile authenticator app, SMS or phone call. That in turn will block potential attackers from taking control of accounts using stolen or recycled credentials, as they’d also need to have control of your mobile device.
2FA is available for Zoom’s web portal, desktop client, mobile app and the Zoom Room. It supports the time-based one-time password (TOTP) protocal, so it works with apps like Google Authenticator, Microsoft Authenticator and FreeOTP. The company also supports various authentication methods including SAML, OAuth and password-based authentication.