Advanced Settings

The Advanced tab under Configuration > Multi-Factor Authentication contains important settings that you can configure to further control how the MFA process for password reset, ADSelfService Plus logins, and endpoint logins behave.


About backup codes

These one-time use backup codes allow users to prove their identities in case their MFA device is not reachable or they are unable to use their enrolled MFA methods of authentication. Once the Enable MFA Backup Verification Codes setting is enabled, the backup codes can be generated and end-users can enter them to authenticate themselves during machine or VPN logon, ADSelfService Plus portal login, or self-service actions. Backup codes can be generated in two ways:

  • Users can use backup codes during VPN logins only when RADIUS-challenge response-based authentication methods are used for VPN login MFA.
  • During VPN MFA, the generated backup code can be entered in the field provided for one-time passcodes at the VPN client.
  • When identity verification is performed using backup codes, the Trust this browser and Trust this machine options will not be considered.

About backup codes

Reset/Unlock MFA

Endpoint MFA

Machine Login MFA



MFA for OWA Login

Applications MFA

ADSelfService Plus Login MFA

Cloud Applications Login MFA

Q&A Settings

Verification Code Settings

Mail/Mobile Attributes

Secondary Email/ Mobile Number



Your request has been submitted to the ADSelfService Plus technical support team. Our technical support people will assist you at the earliest.


Need technical assistance?

  • Enter your email ID
  • Talk to experts
  • By clicking 'Talk to experts' you agree to processing of personal data according to the Privacy Policy.

Don't see what you're looking for?


    Visit our community

    Post your questions in the forum.


    Request additional resources

    Send us your requirements.


    Need implementation assistance?

    Try onboarding


Copyright © 2024, ZOHO Corp. All Rights Reserved.