Zoom has rolled out two-factor authentication on both mobile and desktop. 2FA, according to Zoom, will enable admins to protect unauthorized access to meetings also known as “zoombombing.” Once 2FA is enabled, users will require a one-time code from a mobile to authenticator app, SMS, or phone call.
2FA is available across all Zoom platforms including mobile, web portal, and desktop client. The new security feature supports the time-based one-time password [TOTP] protocol. What this means is that it will work with the popular Google Autheticator, Microsoft Autheticator, and FreeOTP.
This puts to bed all controversies as a result of the company’s earlier decision to limit end-to-end encryption to paid users only. This time around, everyone including paid and free users will all have access to 2FA.
Every user has a legitimate right to privacy and security; and good thing is that Zoom appreciates this, and is working towards that direction. To have access to end-to-end encryption, Zoom says you will have to take part in a one-time process that will prompt you for additional information as a free or basic user. This process include verifying a phone number via a text message.
There is a little problem though; Zoom said enabling the end-to-end encryption feature will limit some meeting functionalities including the ability to include traditional PSTN phone lines or SIP/H.323 hardware conference room systems. Hosts will, however, toggle the end-to-end encryption on or off on a per-meeting basis.
“Many leading companies perform similar steps on account creation to reduce the mass creation of abusive accounts. We are confident that by implementing risk-based authentication, in combination with our current mix of tools — including our Report a User function — we can continue to prevent and fight abuse,” Zoom said at the time.
Last year, a security report suggested that Mac users should consider removing Zoom from their systems due to security concerns. Though, Zoom quickly addressed the issue, claiming that an update it released at the time had addressed those concerns.
It went further to add that users will have more control over their video settings when another update is available. Furthermore, users will have a tool that will eliminate all traces of Zoom from your device if you wish to uninstall it.
In March, Jonathan Leitschuh first reported the issue to the company. In that report, he stated that Zoom’s security flaw only affects Mac devices. The flaw enables any website to start a Zoom call automatically. Without your permission, the cam will be enabled. The flaw started when you install a web server by Zoom. It has been provided to make it compatible with the updates to Safari.