Two-Factor Authentication for cPanel
By Jithin on April 16th, 2017
cPanel is a Linux-based control panel and the most widely used and popular control panel on webhosting industry. The interface of cPanel is easy to use and supports IPv6 and multi-server management. Due to it’s popularity, cPanel has more security features. The Two-Factor Authentication (2FA) is an important security feature of cPanel. Two-Factor Authentication (2FA) is an extra layer security feature for cPanel designed to ensure that you are the only person who can access your cPanel account, even if someone knows your password. 2FA provides a two-step verification in which the user provides two authentication factors to verify the exact owner of the account. Also, it makes it harder for hackers to gain access to your cPanel accounts, because knowing the victim’s password is not enough to pass the authentication check.
How it works
Two-Factor Authentication, also known as 2FA is an additional layer of security that requires not only the username and password, but also requires something from the user. When you want to sign in to your cPanel account, you will need to provide the username, password and a verification code that’s automatically displayed on your trusted devices. By entering the verification code that displayed only on your trusted device, you are verifying that you trust the new login to your cPanel account. Let’s explain the steps to enable 2FA on your cPanel server.
1) Download and Install a supported Two-Factor Authentication software on your smartphone/tablet. We suggest the following software:
- For Android, iOS, and Blackberry — Google Authenticator
- For Android and iOS — Duo Mobile
- For Windows Phone — Authenticator
2) Login to WHM panel and Click on ‘Security Center’ and select ‘Two-Factor Authentication’.
3) The 2FA interface will appear. The system automatically configures ‘Issuer’ text box with your server hostname. The 2FA is initially disabled on your server. Click on the Switch to enable it on your server.
4) To begin select the ‘Manage My Account’ tab and then click on the button ‘Set Up Two-Factor Authentication’.
The interface will display a QR code, scan that code with your 2FA software on your smartphone. This also can be done through enter the given ‘Account’ and ‘Key’ information on your smartphone 2FA software.
Then the 2FA smartphone application will generate a 6-digit verification code. Type this on the ‘Security Code’ text field and then click on the button ‘configure Two-Factor Authentication’.
The Two-Factor Authentication is now enabled successfully on your server.
5) Next time you log into your cPanel account it will ask for a code after you have logged in with your username and password. Enter the six-digit code from your Google Authenticator app then click the ‘TwoStepAuth_authenticate’ button.
If you need any further help please contact our support department.