Two-Factor Authentication (2FA) is an improved security measure that requires two forms of identification: your password and a generated security code. With 2FA enabled, an application on your smartphone will provide you with a code that you must enter with your password to log in. Without your smartphone, you cannot log in.
Enabling 2FA in cPanel
Google Authenticator
GAuth Authenticator extension
Duo Mobile
Microsoft Authenticator
Logging into cPanel
Reconfiguring or Removing 2FA
Enabling 2FA for Webmail
Enabling 2FA in cPanel
The Two-Factor Authentication menu can be found in cPanel >> Security >> Two-Factor Authentication:
Go to the Two-Factor Authentication menu and click on the Set Up Two-Factor Authentication button:
To configure 2FA, you should link your cPanel account and your 2FA app. cPanel supports the following 2FA apps:
There are 2 ways to connect the app:
- Automatically create a link by scanning the displayed QR code with your app.
- Manually create a link by entering the provided Account and Key information in your app.
Google Authenticator
If you proceed with the Google Authenticator app, you will see the following start page. Choose Begin to further set up the app:
In case you already have a key added, you will need to press on the "+" button to add a new key:
You can add an account by Scanning a barcode or Entering a provided key:
In case the Scan a barcode option is chosen, the camera app will open, and you will need to place the QR code from cPanel within the red lines displayed.
It is also possible to use the Enter a provided key option. You will be prompted to the next page where you will need to enter the following details previously specified in cPanel:
The key can be either time-based or counter-based.
With the time-based option, the 2FA app generates a new six-digit security code for your cPanel account every 30 seconds. With the counter-based key, you tap a button, which then asks for the next number.
After the key is added to the Google Authenticator app, you may proceed with further configurations.
You can install the extension using the Google Chrome browser on your computer:
You will then need to add a GoogleAuth key that has already been generated in cPanel:
The code will be displayed in the following way:
Duo Mobile
Duo Mobile works with the Duo Security 2FA service to make logins more secure. The application generates passcodes for logins.
On the start page of the app, you can either Get Started or Get Your Account Back.
If you choose the Get Started option, you will be redirected to the next window to scan an activation barcode. After the QR code is scanned, you can modify the name of the entry, its icon, and the type:
Remember, without the activation barcode, there is no option to add the key to Duo Mobile. Here is how the page with the added key looks like:
In case you already have the app on another device and the Duo Restore feature is enabled, you can easily get your account back and download the keys from your Google Drive.
Microsoft Authenticator
Microsoft Authenticator supports multi-factor authentication for work, school, and non-Microsoft accounts. The first page of the app looks as follows:
You will need to press on the "+" button in order to proceed with the further steps. Choose the Other account option to add the QR code for cPanel:
In the next window, you will need to scan the QR code using the camera or enter the code manually using your account name and the secret key from the cPanel >> Security >> Two-Factor Authentication >> Don’t have a QR code reader.
After the app is connected to cPanel, you will receive a verification code as follows:
Logging into cPanel
After the app is installed and connected to cPanel, continue by entering the six-digit security code into cPanel >> Security >> Two-Factor Authentication >> Step 2 >> Security code:
You should receive the following success message:
During the next cPanel login, after you enter your username and password, you will be redirected to the following page to enter the security code:
After you entered the code, you will be able to continue and log into cPanel.
NOTE: cPanel will accept a code for sixty seconds after it has been generated; however, this doesn't account for apps that generate a new code every fifteen or thirty seconds. Since these apps generate a new code more often than it is actually needed, it may happen that two or more codes are valid at the same time (keep in mind this is only for sixty seconds).
Reconfiguring or Removing 2FA
There are also options to reconfigure or remove 2FA:
NOTE: If you wish to reconfigure, this will overwrite your current 2FA configuration; therefore, any existing configurations will no longer produce valid security codes.
Enabling 2FA for Webmail
There is also an option to enable the Two-Factor Authentication for Webmail. To do it, the following steps should be taken:
- Log in to Webmail either through cPanel or the Webmail login portal.
- Access Two-Factor Authentication on the Webmail management screen:
- Follow the provided instructions to set up Two-Factor Authentication:
And, as always, if you have any questions, feel free to contact our
24/7 Support Team.
