After your organization configures a ZIdentity account for you with access to the Zscaler services and its functional scope as per your role, you receive an email from Zscaler Support to choose and set up a Multi-Factor Authentication (MFA) type for accessing the ZIdentity account.

To ensure security, all admins must use MFA.

You can configure the following authentication types as per your organization's settings:

• Password Authentication

  To configure a password:

  1. Open the email from Zscaler Support and click the setup link.

     You are redirected to the sign-up page.

  2. On the sign-up page:
     • New Password: Enter a password.
     • Confirm New Password: Retype the password to confirm.
  3. Click Next.

  Your account is successfully created. You can make a note of your login ID displayed on the screen and proceed to log in to your ZIdentity account.

  Close
• MFA

  To configure MFA:

  1. Open the email from Zscaler Support and click the setup link.

     You are redirected to the sign-up page.

  2. On the sign-up page:
     • New Password: Enter a password.
     • Confirm New Password: Retype the password to confirm.
  3. Click Next.

  4. On the Multi-Factor Authentication page, select one of the following authentication types, then click Set Up:

     • Security Key or Biometric

       To configure a security key or biometric:

       1. Click Set Up.

          A list of all Fast Identity Online 2 (FIDO2) supported methods available for your devices is displayed. FIDO2 is a set of protocols developed by the FIDO Alliance to provide the most secure passwordless authentication methods. The services, such as Windows Hello, YubiKey, etc., register and certify their security devices with FIDO2 to cater to their customers.

       2. Select one of the methods from the list to set up a security key or biometric authentication.
       3. Follow the instructions displayed on your screen to complete the set up.

       Close
     • Google Authenticator

       To set up Google Authenticator:

       1. Follow the steps shown on the screen and then click Next.
       2. In the Google Authenticator Verification Code field, enter the verification code that you see in the Google Authenticator and click Verify before the verification expires as it is time-sensitive.

       Close
     • Phone OTP

       To set up phone one-time password (OTP):

       1. Country: Select the country of your phone number.
       2. Phone Number: Enter the phone number on which you want to receive the OTP and click Send OTP via SMS.

       3. Enter SMS OTP: Enter the OTP received on your phone and click Verify. The OTP is only valid for two minutes, after which you can click Back, then click Send OTP via SMS to receive another OTP.

          You can also choose to go back and modify your number before you verify. Currently, SMS OTP is only supported for India and USA phone numbers.

       Close
     • Email OTP

       Your secondary authenticator is configured as Email OTP as soon as you click Set Up. An email OTP is sent to your official email address during your log-in attempts as part of your secondary authentication.

       Close

     See image.

     Close

  Your account is successfully created. You can make a note of your login ID displayed on the screen and proceed to log in to your ZIdentity account.

  When MFA is configured for your account, you can also choose to authenticate yourself using email OTP as the only authenticator.

  Close
• Security Key or Biometric as Primary Authentication

  To configure a security key or biometric:

  1. Open the email from Zscaler Support and click the setup link.

     You are redirected to the sign-up page.

  2. On the sign-up page, click Skip Password and Register a Security Key and then click Set Up.

     A list of all FIDO2 supported methods available for your devices is displayed. FIDO2 is a set of protocols developed by the FIDO Alliance to provide the most secure passwordless authentication methods. The services, such as Windows Hello, YubiKey, etc., register and certify their security devices with FIDO2 to cater to their customers.

  3. Select one of the methods from the list to set up a security key or biometric authentication.
  4. Follow the instructions displayed on your screen to complete the set up.

  Your account is successfully created. You can make a note of your login ID displayed on the screen and proceed to log in to your ZIdentity account.

  Close