Activating two-factor authentication
Before activating the 2FA, it’s needed to install a TOTP application to Your smartphone, for example Google Authenticator for IOS or Android.
The 2FA can be enabled in the webmail from Settings -> Security -> Two-factor authentication.
After pressing the Enable button, you need to open the TOTP app of your choice on your phone and scan the QR code displayed on the Webmail.ee page with your camera to add the token to the app. A 6-digit confirmation code is displayed after adding the token, which has to be inserted to the respective text box in the webmail window.
2FA is activated only if the confirmation code is correct.
After activating the 2FA, both webmail and ZoneCloud will start asking the TOTP code besides the password. Also, it’s not possible to use the old password anymore with IMAP, POP3, SMTP and ZoneCloud client.
The TOTP code is a 6-digit number, which can be found from the TOTP application (Google Authenticator). The TOTP code changes continuously and every login it’s different.
In order to continue using IMAP, POP3 or SMTP, it’s needed to generate an application password, which can be done from the webmail. It’s suggested to use one password only on a single application or device.
Activating application password
The app password can be generated from Settings -> Security -> Application Passwords by clicking the Create a new password button.
Then you have to add a description of the application (e.g. Outlook) in the description box and press the Create button.
After pressing the button, the password of the application is displayed once and cannot be viewed again later! Enter this password into an email program and don’t save it anywhere!
Use one application password for each email application/program. This way, for example, in case of theft or loss of the device, it is possible to remove the password of one device in particular, and access to the account will be lost immediately.
ZoneCloud
To log in with a ZoneCloud client after activating the 2FA, a separate application password must be created in the ZoneCloud web platform. The same 2FA TOTP code that is used for logging in webmail is also suitable for ZoneCloud web.
When logged in, click on the e-mail address in the upper right corner of the web page and choose Settings -> Security -> under App passwords / tokens, insert the applications name and click Create new app passcode. The displayed password insert to the ZoneCloud application password box.
Deactivating two-factor authentication
For deactivating the 2FA in the webmail, go to Settings -> Security -> Two-factor authentication -> “Disable”.
How secure is the application password?
The application password is a 16-character long generated unique password which is displayed only once and is meant to be inserted to a specific application without saving it elsewhere. Due to secure connection to the mail server over SSL/TLS, it’s not possible to extract the password.
What happens when a 2FA device gets lost?
It is possible to disable 2FA in the E-mail and Mailboxes section of the web hosting management in the respective mailbox administration. In the Security section, it is necessary to click on the Switch off button.
