Enable 2FA on Zimbra even when device or app don’t support it.

It’s crucially important to enable two-factor authentication in Zimbra. But if you use IMAP, or if your device or client simply doesn’t support two-factor authentication, you’ll need to make a small change to your two-step authentication settings in order to make them work–and prevent your device from being blocked for failed authorization attempts: You need to create an Application Code.

Applications such as Microsoft Outlook, or the Zimbra web login, will ask you for your 2FA code upon sign in, if 2FA is enabled as per our guide. However, some devices, email clients, and apps still use the username and password authentication method and are unable to support a 2FA code. In these cases, we generate a specific code for this one app.

Creating an Application Code is easy:

1. Login to Zimbra in your web browser via zimbra.positiveesolutions.ca
2. Click the Preferences tab at the top, followed by Accounts button on the left.
3. You’ll see a box called Applications. Below that, click the Add Application Code button.
4. Give your application a name. This can be the name of the app specifically, or even something like “Robbie’s Phone”. It’s for your reference only, but will help you distinguish apps if you ever need to revoke a code.
5. In your email app, modify your account properties for your Zimbra account. This varies from device to device and from app to app, but it’s where you set your password for the account.
6. Change the password to the Application Passcode which Zimbra has provided you on your computer screen. Your app will now use that as its password, rather than your normal password.

If you ever lose your device, simply return to the same screen in Zimbra and revoke the code to lock out that device or app.

That’s it! You’re all set.

Official Documentation: https://wiki.zimbra.com/wiki/Zimbra_Two-factor_authentication#Application_Passcode