[ZTA] How to Setup Email MFA with Gmail SMTP

This KB enables you to use the user's email to receive the MFA code to log in to the user portal.


  1. Before we proceed with the procedure, we need to generate an App password from Google.
    • Log in to https://myaccount.google.com/
    • Go to Security > 2-Step Verification > App passwords
    • Generate an App password with these details:
      • App: Mail
      • Device: Other, you can enter your domain or another name that's appropriate for the app password
    • After you generated the App password (16-character password), please take note of it. We'll use it in a later step.
  2. Log in to the admin portal.
    1. For non-CN customers, https://portal.safous.com
    2. For CN customers, https://portal.safous.cn
  3. Go to Settings > ZTNA > Configuration > SMTP Settings, and Configure your SMTP Settings with these details:
    • Host: smtp.gmail.com
    • Port: 587
    • From Address: <Your email address>
    • From Name: <Email address shown>
    • Username: <Your email address>
    • Password: App Password generated in Step 1
  4. After you configure the SMTP Settings, you can click Save. To check if the email MFA is working, you can try to log in to your user portal and choose Email in the MFA window.
  5. You can check your email inbox, and you'll find an email similar to the following screenshot.