Zimbra 2FA: Step 1: Secure HIS Zimbra Webmail login

To setup 2-Factor authentication in your Zimbra email account:

Step 1: Secure the HIS Zimbra Webmail Login

  1. Login to your webmail account: https://zmail.his.com/)

  2. Once logged in go to Preferences > Accounts.
    inline-image

  3. Scroll down to Primary Account > Account Security.

  4. Click on the link: Setup two-step authentication.
    inline-image

  5. Click on "Begin Setup" and provide your email account password.
    inline-image

  6. Then click Next: It will display a Key: Keep that open and write it down, or save it in a password manager app.
    inline-image

The next steps happen on the device you'll be using for Authentication, like your smart phone:

  1. If needed: Install an Authentication Application on your SmartPhone.

  2. Launch the Authentication Application on your SmartPhone.
    Here we will use Google Authenticator as example:

  3. Open the Authenticator app.

  4. Click + to add a new account, then select"Enter a Setup Key"

    • In Account: Enter your email address
    • In Key: Enter the Zimbra key displayed at step #6
    • Click Add.

Go Back to HIS Zimbra webmail:

  1. Enter the code displayed by the Application for this account, then click Next.
    inline-image

  2. Click Next: If you entered the code correctly you should see a message saying Success! - If not re-type it carefully.

14: Click Finish to complete the process.

You are all set with securing online access to HIS Zimbra webmail:

After enabling 2FA: your current password will now only work for login to Webmail.
You will be prompted to enter a code from the Authentication App each time after you login to HIS webmail, so you will need your phone authentication app with you when you do that.

For your other email apps:

You will now need to generate a new "Application code", i.e. a special password generated in Zimbra for your other email Applications (Outlook, Mac Mail, Thunderbird...) that do not support 2FA.
This way if your Webmail password get compromised, it can not be used for sending mail from your email account.

Instead, each of your email applications or devices will use its own "application passcode" a special password generated in Zimbra. You will need to update the configuration of each of your applications and devices; however, most will simply note that the old password is not working and prompt you for the new one.

Now see:

Step 2: Generating Applications passcodes for your other email apps:

Step 3: Step 3: Generate One-Time codes for Emergency Use


Properties ID: 000653   Views: 838   Updated: 4 months ago
Attachments