Everyone wants their account to be as secure as possible, even with using a random strong password your account can still be hacked. Two Factor Authentication provides an extra step to access your cPanel account. In this guide we will be discussing how to set up, configure, and use the Two Step Authentication option provided within Web Host Manager (WHM). The option must be enabled in WHM before it can be activated in the cPanel account.
Two factor authentication requires that you have root access to your server. The Google Authentication app must also be installed on your mobile device.
- Log into your WHM as the root user.
Use the search bar to find Two-Factor Authentication. You can also search for “2fa” for short.
Click the on and off button to enable Two-Factor Authentication Security Policy.
Next you will need to click on Settings in order to give name to the issuer for two-factor authentication. By default, it is set to your server name. This name is used to identify the code used within the Google Authenticator app. If you are using the app for several authentications, this name distinguishes your server so that you know what code to use when you need to login to cPanel.
At this point, in order to enable two-factor authentication for a cPanel account you will need to login to the cPanel account where you wish to use two-factor authentication. You will need to go to the Security section and click on the Two-Factor Authentication icon. Follow the procedure below in order to activate two-factor authentication for a cPanel account.
cPanel Two-Factor authentication utilizes the Google Authentication app. At this point you will need to have the application loaded and working on your mobile device. Note that when you have two-factor authentication enabled, the mobile device will be required to login.
Click on the Two-Factor Authentication icon in cPanel.
Click on the button that is labeled Configure Two-Factor Authentication. You will see a QR code appear on the screen. You will need your mobile device with the Google Authentication app for next 2 steps. The Google Authentication application uses the camera on your mobile device in order to view the QR code. If your device cannot read the QR code, then you can use the manual code provided below the QR code. Click on Manual entry in order to enter the provided key.
If you can scan the QR code with your device, then click on Scan barcode.
Once you scan the QR code you will get a code that will only show for a short period of time. Go down the screen to Step 2 and type in the 6-digit code.
Once the code is entered you will see a message that says “Success: Two-factor authentication is now configured on your account.” At this point, if you log out of the cPanel, you will be required to enter your normal cPanel password and then use the Google authentication app to provide the code to login cPanel as per the screenshot below: