Zoom adds two-factor authentication after subscriptions soar following lockdowns

Video conferencing app Zoom has added two-factor authentication (2FA) as a new layer of security following its soar in popularity during the current pandemic.

The log-in standard requires users to provide an additional piece of information, such as a pin code sent via text message, as well as a password.  

Zoom said the addition of the feature would help users protect against hackers taking control of accounts, which can lead to identity theft and security breaches.

The video calling app has seen huge growth in its user base this year due to social distancing rules, forcing millions of employees to work away from their colleagues. 

But the firm has been rolling out new features meant to rectify security lapses that have allowed issues like ‘Zoombombing’, where uninvited users crash a video chat. 

Zoom has also recently released its first ever physical product, the $600 Zoom for Home’ touchscreen device. 

‘Zoom’s enhanced two-factor authentication (2FA) makes it easier for admins and organisations to protect their users and prevent security breaches right from our own platform,’ the firm said in a blog post.  

‘With 2FA, organisations can reduce the risk of identity theft and security breaches by adding an extra layer of security that prevents bad actors from accessing accounts by guessing passwords or gaining access to employees’ or students’ devices.’   

2FA for Zoom identifies online users by requiring them to present two or more pieces of evidence, or credentials, that authenticate their ownership of the account.

This includes a piece of information that the user knows, such as a password or pin, something the user owns, like a smart card or mobile device, or something the user has, like their fingerprints or voice.

The video conferencing app came to prominence during the coronavirus lockdown as millions turned to the service to help communicate with colleagues while working from home. 

Zoom previously said in April that it has around 300 million daily Zoom meeting participants globally.

While in the UK, user numbers rose from 659,000 UK users in January to 13 million in April, according to Ofcom. 

However, security and privacy flaws were found within the app, including incidents of ‘Zoombombing’, where strangers were able to force their way into calls, often sharing harmful content to those present.

2FA requires users to provide an additional piece of information, such as a pin code sent via text message, as well as a password 

In response, Zoom launched a major overhaul of its security features and has rolled out a number of updates to the app to better protect users. 

Among new features revealed back in April were the ability to lock meetings and prevent other users from joining, the ability to remove participants in the meeting and greater control over screen sharing. 

The company also turned on passwords for Zoom conferences by default and allowed business users to have an IT administrator set the password strength.   

In May, Zoom purchased security and encryption company Keybase in an effort to address its high-profile security issues and bring expertise to its increasingly popular platform. 

Pictured is the 27-inch Zoom for Home touchscreen device (left) next to a  laptop. It can be used for presenting and annotating information on-screen, and can be used independently of a computer

And in July, Zoom unveiled its dedicated video-conferencing device aimed specifically at home workers and retailing for $600 (about £475).  

‘Zoom for Home’, made by US-based firm DTEN, has a 27-inch touchscreen with three wide-angle cameras for HD video calls, integrated speakers and an eight-microphone array for clearer audio.  

The device can be used independently of a computer, as well as being a second screen during Zoom meetings, and dwarfs a standard laptop.  

The firm said the ‘Zoom for Home’ name will apply to a whole new category of hardware devices to support remote working, meaning more Zoom devices will be revealed at a later date.