Zoom introduces two-factor authentication

Videotelephony company Zoom has added two-factor authentication (2FA) to its video-conferencing platform as it looks to help organisations tackle identity theft and security breaches.

In a blog post outlining the new feature, Zoom said: “Zoom’s enhanced Two-Factor Authentication (2FA) makes it easier for admins and organisations to protect their users and prevent security breaches right from our own platform.”

“Two-Factor Authentication identifies online users by requiring them to present two or more pieces of evidence, or credentials, that authenticate their ownership of the account, such as something the user knows (a password or pin), something the user owns (a smart card or mobile device), or something the user has (fingerprints, voice).”

The new security feature allows users within organisations to use the additional 2FA layer by choosing between one-time password apps (TOTP) or by having a code sent to them by Zoom via SMS or phone.

The tool can then be enabled by logging into the Zoom Dashboard and accessing the advanced security dashboard. Admins can then enable two-factor authentication for all users of the accounts, or select users according to their role or a group they are in.

Zoom says that the new feature will offer improved security and reduced security costs while simplifying the management of credentials and better adherence to compliance obligations regarding data and customer information.

The company says that it can be expensive for organisations to pay for a single sign-on (SSO) service, adding that: “Zoom’s 2FA provides a free and effective way to validate users and protect against security breaches.”

Zoom has seen its business and revenues skyrocket during the COVID-19 crisis, as it rapidly capitalised on a surge in remote working as well as the need for friends and family to communicate remotely. The company averaged 148.4 million monthly active users during the second quarter of 2020, an estimated 4,700 per cent year-on-year increase.

However, this new level of success has been accompanied by an array of security issues, including the Zoom-bombing trend, in which hackers intrude on a video-conferencing call or session, typically inserting lewd or offensive material and causing the session to shut down.