Zimbra Two-factor authenticationAs you know, in recent months, we have had several "phishing" attacks through e-mail.
Although from the computer department we have always warned that we would never request the credentials through an e-mail, but, for one reason or another, there is always someone who falls at the trap.
We are therefore obliged to take certain measures that will ultimately benefit everyone. One of these measures is the implementation of the Second Authentication Factor (2FA) to access at the Zimbra e-mail accounts.
The 2FA allows adding a second security layer, so at the time of the login and write the password, a code is also requested. This code can be found through an application on the mobile. Once the application is opened in the mobile, you can see a temporary code associated with the online service where you want to enter. The code changes every few seconds, so this code must be entered in the corresponding field while it is valid. Only then can the session be started.
It must be said that an access (mobile, app or computer) can be configured as "reliable" (for example, our ICMAB workstation). Thus, in these accesses you should only use the 2FA the first time.
It should be noted that similar systems are already used to access at the bank accounts for example.