Note: As our world comes together to slow the spread of COVID-19 pandemic, the Zoom Support Center has continued to operate 24x7 globally to support you. Please see the updated Support Guidelines during these unprecedented times.

Note: We have identified an issue causing a subset of users to experience issues displaying live meeting information in Dashboard and Reports, accessing Webinar Registration links and delays in accessing cloud recording links. Please see our Status Page for more information.



Configuring advanced security settings Follow

Overview

The Security section allows owners and admins to setup certain authentication and settings for users on the account. These options include password restrictions, restricting sign-in methods, as well as other user profile settings.

Note: For security settings related to meeting passwords, you can change account settings.

This article goes over:

Prerequisites

  • Pro, Business, Education, or Enterprise account
  • Account owner, admin, or user with a role that has security privileges

Accessing security settings

To Access the Security Features:

  1. Sign in to the Zoom web portal.
  2. In the navigation menu, click Advanced then Security.

Security settings

Authentication

  • Basic Password Requirement: These are the password requirements for a Zoom login password. These settings can not be changed and only affect Zoom specific passwords, all other authentication methods will still use their own password requirements.
  • Enhanced Password Rules: Allow you to force extra requirements for your users’ passwords including:
    • Have a minimum password length: The password length can be increased from a minimum of 8 characters, up to 14 characters.
    • Have at least 1 special character (!, @, #...): Requires a special character in the password.
    • Cannot contain consecutive characters (e.g. "11111", "12345", "abcde", or "qwert"): The password cannot include consecutive numbers or letters, either alphabetically or on the keyboard. 
    • Use enhanced weak password detection: Users will be notified if their password is weak. 
  • New users need to change their passwords upon first sign-in: Users will be required to set their own password when they first sign in. 
  • Password expires automatically and needs to be changed after the specified number of days: Allows you to set an expiration date on passwords, forcing users to create a new password when it expires. This can be set for 30, 60, 90, or 120 days.
  • Users cannot reuse any password used in the previous number of times: Forces users to not reuse an older password that has been used within the set number of passwords created previously. This number can range from 3-12  previous passwords created.
  • Users can change their password a maximum number of times every 24 hours: Locks how many times a user can change their password in a 24 hour period. It can be set from 3 to 8 times.

Security 

  • Only account admin can change Licensed users' Personal Meeting ID and Personal Link Name: Only allow you to change Licensed users' PMI and personal link name.
  • Allow importing of photos from the photo library on the user's device: Allows you to enable or disable the ability for users to upload photos from their mobile device for their profile picture. 
  • Hide billing information from administrators: Overrides the Billing Role Management options set for the default Admin role, and locks out Admin access to the Billing section of the account.
    Note: The Owner, and any other user with Billing privileges in their Role can still access the Billing section.
  • Users need to sign in again after a period of inactivity: Forces automatic logout of users in the Web portal and/or Desktop client after a set amount of time:
    • Web Portal can be set for a preset range of 10 to 120 minutes.
    • Zoom Client can be set for a preset range of 5 to 120 minutes.
  • User need to input Host Key to claim host role with the length of: Allows the setting of the required length of the host key, can be set within the range of 6-10 digits.
  • Use 2-step verification with Google Authenticator: Enable two-factor authentication for users.

Sign-in methods

  • Allow users to sign in with work email: This will allow users to sign in with an email address and password. 
  • Allow users to sign in with Single Sign-On (SSO): This will allow users to sign in with SSO through your company's vanity URL
    (Optional) After enabling this setting, you can also force users to use SSO if you have  an Associated Domain on your account and they are signing in with that specified domain. Click Select Domains to set which domains must sign in with SSO and specify users who can bypass SSO sign-in to use a work email and password sign in. 
  • Allow users to sign in with Google: This will allow users to sign in with Google login method.
    (Optional) After enabling this setting, you can also force users to sign in via Google if you have an Associated Domain enabled on your account and they are signing in with that specified domain. Click Select Domains to set which domains must sign in with Google.
  • Allow users to sign in with Facebook: This will allow users to sign in using the Facebook login method.
  • Allow users to sign in with Apple ID: Allow users to sign in with Apple ID on the iOS app (version 5.1.1 or higher).
  • Show disclaimer when users sign in to Zoom: Configure a custom disclaimer when users sign in to Zoom, either the first time, every time, or on a particular interval.