Advanced Settings

The Advanced tab at the far right of the Multi-Factor Authentication (MFA) page contains important settings that you can configure to further control how the MFA processes for password resets, ADSelfService Plus logins, and endpoint logins behave.

Reset/Unlock MFA

ADSelfService Plus Login MFA

Cloud Application Login MFA

Endpoint Settings

Machine Login MFA

MFA for OWA Login


MFA for OWA Login

Q&A Settings

Verification Code Settings

Mail/Mobile Attributes

Secondary Email/Mobile Number



About backup codes

These one-time use backup codes allow users to prove their identities in case their MFA device is not reachable or if they are unable to use their enrolled MFA methods of authentication. Once the Enable one-time backup codes setting is enabled, the backup codes can be generated. End-users can save them beforehand and use them to authenticate themselves during machine or VPN logon, ADSelfService Plus portal login, or self-service actions. Backup codes can be generated in two ways:

  • Users can use the backup codes during VPN logins only when RADIUS-challenge response-based authentication methods are used for VPN login MFA.
  • During VPN login MFA, the generated backup code can be entered in the field provided for one-time passcodes at the VPN client.
  • When identity verification is done using backup codes, the Trust this browser or Trust this machine option will not be considered.

About backup codes


Your request has been submitted to the ADSelfService Plus technical support team. Our technical support people will assist you at the earliest.


Need technical assistance?

  • Enter your email ID
  • Talk to experts
    By clicking 'Talk to experts', you agree to processing of personal data according to the Privacy Policy.

Copyright © 2022, ZOHO Corp. All Rights Reserved.