All want to have a secure cPanel account but even after using a random strong password, your cPanel account still gets hacked.
Two-Factor Authentication (2FA) is actively supported by cPanel as it adds an extra step to access your cPanel account securely. When you enable 2FA, you will need your account password as well as a second form of authentication which offers a time based token generated by a hardware device (generally a cell phone or tablet) which is under your control. In this article, we will discuss about the set up of 2FA, it’s configuration and use provided within Web Host Manager (WHM). It is important to enable the option in WHM prior to activating in the cPanel account.
Steps to Enable 2FA Option within WHM
1. Login to your WHM as the root user.
2. Find the Two-Factor Authenticationusing the search bar. You can also use its short form “2fa” for searching.
3. Enable the Two-Factor Authentication Security Policy by turning the on and off button.
4. Go to Settings for giving name to the issuer for two-factor authentication. It is set to your server name by default. With this name, you can identify the code used within Google Authenticator app. If the app is been used for several authentications, your server can be distinguished with this name so that you know what code should be used while logging in to cPanel.
Steps to Enable 2FA within cPanel
For enabling the two-factor authentication for a cPanel account, you will need to login to the cPanel account where you want to use two-factor authentication. You can enable it by going to the Security section and clicking on the Two-Factor Authentication icon.
Below are the steps to activate two-factor authentication for a cPanel account:
The Google Authentication app is used by the cPanel Two-Factor authentication. Here you will need to ensure that the application is loaded and working on your mobile device.
Note: When the two-factor authentication is enabled, you will need to login on the mobile device.
1. In cPanel, click on the Two-Factor Authentication icon.
2. Click on the Configure Two-Factor Authentication button. A QR code will appear on the screen. Next you will require your mobile device with the Google Authentication app for next 2 steps. To view the QR code, the Google Authentication application uses your mobile’s camera. In case, your device is not able to read the QR code, then you can use the manual code given below the QR code. You need to enter the provided key in the Manual entry.
3. Click on Scan barcode, if you were able to scan the QR code.
4. After scanning the QR code, you will get a code that will be seen for a short period of time. Go to the Step 2 and enter the 6-digit code.
When you enter the code, a message “Success: Two-factor authentication is now configured on your account” will appear on your screen. But at this moment, if you log out of the cPanel, you will need to enter your cPanel password that is usually used to login and then with the Google authentication app, you can provide the code to login to the cPanel as below:
In this way, you can enable the Two Factor Authentication for securing your cPanel account.