Zoom login issue (one-time passcodes, not two-factor authentication)
Posted: Sun Jun 05, 2022 1:06 pm
From searching the fora, I see that this is an issue with Church Zoom accounts that has been brought up occasionally with no solution. Since I'm looking for a solution, I'm going to try to pack as much background into this post as possible without going overboard.
I am our stake's executive secretary, and am effectively in charge of making sure units can use Zoom for broadcasts and meetings as needed. We have a stake Zoom account, and each ward and branch in the stake has its own Zoom account. Each of these accounts has a separate login, but alerts and such related to any of them go to a single Gmail account set up by the stake solely for Zoom administration.
Everything was going fine until sometime in the past couple months, when Zoom instituted some sort of fraud detection system, where an attempted login to a Zoom account from a location (and it seems to be mainly location-based) that it deems unusual have to enter a one-time passcode to gain access to Zoom. This is completely separate from two-factor authentication. (Repeat: This is not a two-factor authentication issue!) Two-factor authentication is turned off for all of the accounts in our stake. Rather, this is an attempt by Zoom to prevent fraudulent use of its system (and, some might suggest a bit more cynically, to prevent anyone from sharing Zoom accounts).
How exactly this works is kind of mysterious. In one of our wards, the bishop attempted to access his ward's Zoom account this morning and couldn't get in because a one-time passcode was required. However, when he tried to log in so that his ward could broadcast sacrament meeting, he could connect with no problem. Both times he was trying to connect from the meetinghouse wifi. So go figure, right?
The problem is that the one-time passcodes are only valid for 10 minutes, and they all come to a single Gmail address that very few people have access to (and, for hopefully sensible reasons, we would like to keep that way). This means that if someone in our stake runs into this issue, they have to get in touch quickly with me or one of the very few other people with access to the Gmail—and that isn't always possible.
Looking around Zoom support fora, I find that this is the case not just for our accounts, but for a lot of other organizations that have a similar usage profile for Zoom (so mostly in the nonprofit and education sectors, but also other churches and some for-profit businesses). I've not yet seen a workaround for it, though. Does anyone here know a good way to get around this?
I am our stake's executive secretary, and am effectively in charge of making sure units can use Zoom for broadcasts and meetings as needed. We have a stake Zoom account, and each ward and branch in the stake has its own Zoom account. Each of these accounts has a separate login, but alerts and such related to any of them go to a single Gmail account set up by the stake solely for Zoom administration.
Everything was going fine until sometime in the past couple months, when Zoom instituted some sort of fraud detection system, where an attempted login to a Zoom account from a location (and it seems to be mainly location-based) that it deems unusual have to enter a one-time passcode to gain access to Zoom. This is completely separate from two-factor authentication. (Repeat: This is not a two-factor authentication issue!) Two-factor authentication is turned off for all of the accounts in our stake. Rather, this is an attempt by Zoom to prevent fraudulent use of its system (and, some might suggest a bit more cynically, to prevent anyone from sharing Zoom accounts).
How exactly this works is kind of mysterious. In one of our wards, the bishop attempted to access his ward's Zoom account this morning and couldn't get in because a one-time passcode was required. However, when he tried to log in so that his ward could broadcast sacrament meeting, he could connect with no problem. Both times he was trying to connect from the meetinghouse wifi. So go figure, right?
The problem is that the one-time passcodes are only valid for 10 minutes, and they all come to a single Gmail address that very few people have access to (and, for hopefully sensible reasons, we would like to keep that way). This means that if someone in our stake runs into this issue, they have to get in touch quickly with me or one of the very few other people with access to the Gmail—and that isn't always possible.
Looking around Zoom support fora, I find that this is the case not just for our accounts, but for a lot of other organizations that have a similar usage profile for Zoom (so mostly in the nonprofit and education sectors, but also other churches and some for-profit businesses). I've not yet seen a workaround for it, though. Does anyone here know a good way to get around this?