Knowledgebase

Two-Factor Authentication for cPanel  Print this Article

Overview:

Two-factor authentication (2FA) is a security measure that requires two forms of identification. After you enter your password, you must enter a security code. An application on your smartphone supplies this code. Without your smartphone, you cannot log in.

Note:

2FA requires a smartphone with a supported time-based one-time password (TOTP) app. We suggest the following apps:

To use this feature, your hosting provider must enable it for you. Ask them to perform the following steps in WHM:

  1. Set the Two-Factor Authentication Security Policy toggle to On in WHM’s Two-Factor Authentication interface (WHM >> Home >> Security Center >> Two-Factor Authentication).
  2. Grant the Two-Factor Authentication (Google Authenticator) feature to the desired users in WHM’s Feature Manager interface (WHM >> Home >>Packages >> Feature Manager).
Important:

2FA supports only one concurrent session for any user. If you open several browser windows to cPanel and log out in one of them, the server will log out the other windows.

Configure 2FA

To configure 2FA, perform the following steps:

  1. Click Set Up Two-Factor Authentication.
  2. Link your cPanel account and your 2FA app:
    • To automatically create the link, scan the displayed QR code with your app.
    • To manually create the link, enter the provided Account and Key information in your app.
  3. Within your 2FA app, retrieve the six-digit security code
    Note:

    The 2FA app generates a new six-digit security code every 30 seconds.

  4. Enter the six-digit security code in the Security Code text box.
    Note:

    You must enter the security code within 30 seconds. After time expires, the app will generate a new six-digit code.

  5. Click Configure Two-Factor Authentication.
    Note:

    If you see a Failed to set user configuration: The security code is invalid. error, a problem may exist with the date and time settings on your server. To fix the issue, contact your hosting provider.

Remove 2FA

To remove 2FA, click Remove Two-Factor Authentication.

Reconfigure 2FA

To reconfigure 2FA, click Reconfigure. Follow the steps above to configure two-factor authentication.

Warning:

If you reconfigure 2FA for your account, any existing configurations will no longer produce valid security codes.

Was this answer helpful?

Related Articles

Hotlink Protection
Overview: A hotlink occurs when someone embeds content from your site in another site and uses...
IP Blocker
Overview: The IP Blocker interface allows you to block access to your site for one or more IP...
Leech Protection
Overview: The Leech Protection interface allows you to detect unusual levels of activity in...
Manage API Tokens in cPanel
Overview: Important: This functionality is experimental. It may change in future...
ModSecurity
Overview: Warning: We strongly recommend that you enable ModSecurity™ for all of your...