Ensuring ZoneID account security
Ensuring your ZoneID account security is extremely important, as it provides access to all of your services in Zone – all files and databases, email accounts and their contents on your virtual servers, domains and DNS records, all of your invoices, etc.
Thus it is crucial that access to your ZoneID account is set up in a secure way and that your contact information is kept up to date. These days a password alone is not enough to secure access to an account. This article describes various authentication solutions and tools to ensure your account’s security.
Secure password
The time it takes to crack a password depends directly on the password complexity. We recommend using passwords that are at least 10 characters long and avoiding any bad usage patterns such as (user)names, number combinations, names of services, etc.
It is also good practice to set a different password for each service and to make sure they don’t repeat.
We recommend using password management tools like LastPass, 1Password, Bitwarden, etc. to store and manage your passwords. These are convenient for generating and using long and secure passwords without needing to remember them. When logging in to your account, you will be able to automatically insert your password from the password manager. It’s also convenient to change your passwords from time to time using a password management tool – some applications even warn users when they haven’t changed their password for a while, or if they use the same password on several websites.
ZoneID account secure authentication solutions
It is highly recommended to connect external authentication tools such as ID-card, Smart-ID or Mobile-ID to your ZoneID account. It is also possible to connect your account to Facebook.
If you’ve connected your ZoneID account with any of the authentication tools stated above, it is possible to log in to the account without a password. Moreover, it is recommended to disable password authentication. You can find more information about disabling password authentication here.
Connected authentication tools can be viewed and managed by logging in to the My Zone admin panel and choosing Settings from the dropdown menu next to the username.
On the account settings page proceed to Security, enter your password (the password is requested only if you’ve logged in with a username and password) and choose Associated identities.
You will see a list of already connected authentication tools and a button to connect a new one to your account.
TOTP 2FA – Two Factor Authentication
Another recommended way of securing access to your ZoneID account is connecting it to a Two Factor Authentication tool (TOTP 2FA), e.g. using an application called Google Authenticator on your smartphone (download links: Android and Apple).
In order to activate two factor authentication choose Security and then Two factor authentication.
A window will open showing the QR code, which must be scanned with the Google Authenticator application to get a verification code. Enter the verification code in the Enter password from your application to confirm field and click Confirm.
If the code was entered successfully, a notification stating Two factor authentication is enabled appears. It is also possible to deactivate 2FA from the same menu, if necessary.
From now on, each time you log in to your ZoneID account, in addition to the password you must enter a 2FA code, which you can get from the phone’s authentication application. In that case the login page looks as follows:
Changing and deactivating 2FA
If you’ve lost access to the device where you set up the 2FA application, it won’t be possible to access your ZoneID account using only a password.
If you’re switching from one device to another, you should first use the old device to receive a 2FA code and deactivate 2FA.
If you’ve previously connected your account with an ID-based authentication tool such as ID-card, Mobile-ID or Smart-ID, you’ll access the account, but you will not be able to deactivate 2FA without the 2FA code from your authentication application!
Disabling password authentication
Disabling password login is possible only if your ZoneID account has been connected to an authentication tool (Mobile-ID, Smart-ID, ID-card or Facebook) and if 2FA support has not been activated. If 2FA is activated, a verification code is always requested when logging in.
If password authentication is disabled, the account can be accessed only using an authentication tool and only by a person whose identity is connected to it.
To disable password login, open Settings, then proceed to Security and Password settings. Click on Disable password authentication.
It is possible to enable password authentication from the same menu if needed.
ZoneID authentication log
The Security menu also includes a Login history submenu which displays the ZoneID account’s authentication log. The log displays successful and failed login attempts for the last year, as well as the IP addresses from which the login attempts were made.