Two-Factor Authentication for cPanel

(cPanel >> Home >> Security >> Two-Factor Authentication)

Overview

Two-factor authentication (2FA) is an improved security measure that requires two forms of identification: your password and a generated security code. With 2FA enabled, an application on your smartphone supplies a code that you must enter with your password to log in. Without your smartphone, you cannot log in.

Note:

Two-factor authentication requires a smartphone with a supported time-based one-time password (TOTP) app. We suggest the following apps:

For Android™, iOS®, and Blackberry® — Google Authenticator™
For Android and iOS — Duo Mobile
For Windows® Phone — Authenticator

Enable two-factor authentication

To use this feature, your system administrators must enable it for you. Ask them to perform the following steps in WHM:

Set the Two-Factor Authentication Security Policy toggle to On in WHM's Two-Factor Authentication interface (WHM >> Home >> Security >> Two-Factor Authentication).
Grant the Two-Factor Authentication (Google Authenticator) feature to the desired users in WHM's Feature Manager interface (WHM >> Home >> Packages >> Feature Manager).

Configure two-factor authentication

To configure two-factor authentication, perform the following steps:

Click Set Up Two-Factor Authentication.
To configure two-factor authentication, you must link your cPanel account and your 2FA app:
- To automatically create the link, scan the displayed QR code with your app.
- To manually create the link, enter the provided Account and Key information in your app.
Open your 2FA app to retrieve the six-digit security code.
Note:

The 2FA app generates a new six-digit security code for your cPanel account every 30 seconds.
Enter the six-digit security code in the Security Code text box.
Note:

You must enter the security code within 30 seconds. After time expires, the app will generate a new six-digit code.
Click Configure Two-Factor Authentication.
Note:

If you see a Failed to set user configuration: The security code is invalid. error, a problem may exist with the date and time settings on your server. To fix the issue, contact your hosting provider or system administrator.

Remove two-factor authentication

To remove two-factor authentication, click Remove Two-Factor Authentication.

Reconfigure two-factor authentication

To reconfigure two-factor authentication, click Reconfigure. Follow the steps to configure two-factor authentication.

Warning:

If you reconfigure 2FA for your account, any existing configurations will no longer produce valid security codes.

In This Document

For Hosting Providers

Page:

The failurls File
Page:

The convert_accesshash_to_token Script
Page:

Apache mod_userdir Tweak
Page:

Change MySQL User Password
Page:

Change Root Password

Child pages