Zyxel Portal MyZyxelPortal/Nebula- Two Factor Authentication and Passkeys MyZyxelPortal

Passwords remain the primary method of authentication, but they are vulnerable: easy to guess, often reused across services, and frequent targets of attacks. To improve security, two-factor authentication (2FA) and multi-factor authentication (MFA) are widely used. The next step is passkeys — a technology that eliminates passwords entirely while providing stronger and more convenient protection.

This article explains how 2FA, MFA, and passkeys work, their advantages, and their role in the future of authentication.

Please Note:  To access Zyxel services, you have two authentication options: Google or Apple authentication, or the traditional method of using an email and password. Each method has its own procedure for enabling two-factor authentication (2FA). If you choose to log in using your email and password, you have the ability to set up 2FA directly within your Zyxel personal account settings. Which we will discuss in this article. On the other hand, if you prefer using Google or Apple authentication to access Zyxel services, the 2FA settings need to be configured directly through your Google or Apple account

You can configure two options for two-factor authentication. The first one with sending a confirmation code via email and the second one with using the two-factor authentication mobile app.

Passkeys

Windows	Google

• Private keys are normally stored in the local device (Passkeys stored in local device can only be selected from the local device)
• Storing Passkeys in Google Password Manager (supported by Chrome) allows cross-device synchronization of passkeys (Passkeys stored Google Password Manager allows devices signed-in to your Google account to select stored passkeys.)

Verifying Public Keys associated with Zyxel Account	Windows Sign-in Options

Sign-in with Passkeys (Web and Mobile App)

What to do When Losing the Private Key

Step 1: Sign-in to Zyxel using your main method (Google, Apple, MS Entra ID, Zyxel)

Step 2: Access Account Information page 

Step 3: Remove Old Public Key 

Step 4: Create New Public Key

2FA via EMAIL

• Go to MyZyxel portal
• login to your account using your email and password
• Select "Manage account"
• Two-factor authentification
• Email authentification

You have received an email to confirm the activation of two-factor authentication. Click on the button in the email ‘Enable 2FA’, after successful activation you will see in your personal cabinet that 2FA via Email Autentification is enabled.

2FA via APP

• Go to MyZyxel portal
• login to your account using your email and password
• Select "Manage account"
• To enable the Two-Factor Authentication feature, do the following:
• Select one of the two verification types (Google Authenticator take an example)
• Click the Apply button
• A window will pop up with the instruction to configure your authenticator App

• On your mobile device, open the pre-installed application and scan the QR code.
• Click the Verify button when you have entered the 6-digit code to verify the setup
• If the code has not expired during verification, you will receive the following Message in the Portal

• Store backup codes in a reliable location and click the Done button to finish the 2FA setup.
• When you attempt to login to MyZyxel or Nebula Cloud account, you will be prompted for a 2FA code.

Disable Two Factor Authentication [2FA]

• Go to MyZyxel portal
• login to your account using your email and password
• Select "Manage account"
• Disable Two-Factor authentication [2FA]

In the next window, enter your account password and click "Turn off"

Can't login with Two Factor Authentication [2FA]

If you've lost access through Multi-Factor Authentication (MFA) or 2-Factor Authentication (2FA) using Google Authenticator or email, you can disable it yourself by following the steps outlined below.

• Go to the Nebula/Myzyxel.com login page and Sign In with your credentials
• Once on the Two-Factor authenticator page, hit the "Get Help" located below the Verify button

• You will receive the email shortly. Click on the link "Disable Two-Factor Authentication" to proceed

• Once the correct password is input, the 2FA will be disabled successfully! A pop-up message will be displayed so you can decide to set up the 2FA again or just continue with the login process as usual.