How to use Two Factor Authentication in cPanel
Two-factor authentication (TFA) is an improved security measure that requires two forms of identification: your password and a generated security code.
With TFA enabled, an application on your smartphone supplies a code that you must enter with your password to log in. Without your smartphone, you cannot log in.
Two-factor authentication requires a smartphone with a supported time-based one-time password (TOTP) app. We suggest the following apps:
- For Android, iOS, and Blackberry — Google Authenticator
- For Android and iOS — Duo Mobile
- For Windows Phone — Authenticator
In our example we'll use Google Authenticator.
Complete instructions on how to install and set up the app can be found in this article: Install Google Authenticator
Log in to your cPanel, go to Security, and click the Two-Factor Authentication link:
Configure two-factor authentication
Click Set Up Two-Factor Authentication:
To configure two-factor authentication, you must link your cPanel account and your TFA app:
- Automatically - to create the link, scan the displayed QR code with your app.
- Manually - to create the link, enter the provided Account and Key information in your app.
Open your TFA app to retrieve the six-digit security code:
Note: The TFA app generates a new six-digit security code for your cPanel account every 30 seconds.
You must enter the security code within 30 seconds. After the time expires, the app will generate a new six-digit code.
Enter the six-digit security code in the Security Code text box:
Click Configure Two-Factor Authentication.
Note: If you see a "Failed to set user configuration: The security code is invalid." error, a problem may exist with the date and time settings on your server. To fix the issue, contact your hosting provider or system administrator.
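The 30-second lifetime and the clock-related error above both follow from how TOTP (RFC 6238) derives each code from the shared Key and the current time. The sketch below is an added example, not cPanel's own code; the key is the public RFC 6238 test key, and the verify() helper and its tolerance window are assumptions made for illustration.

```python
import base64
import hashlib
import hmac
import struct

STEP = 30    # seconds each code is valid for, as stated on the page
DIGITS = 6   # six-digit codes, as stated on the page

# Constructed sample: base32 form of the RFC 6238 test key "12345678901234567890".
KEY = "GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ"


def totp(key_b32: str, unix_time: float) -> str:
    """Return the RFC 6238 TOTP code (HMAC-SHA1) for the given time."""
    cleaned = key_b32.upper().replace(" ", "")
    cleaned += "=" * (-len(cleaned) % 8)          # restore stripped base32 padding
    key = base64.b32decode(cleaned)
    counter = int(unix_time) // STEP              # number of 30 s steps since epoch
    digest = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = digest[-1] & 0x0F                    # dynamic truncation (RFC 4226)
    value = struct.unpack(">I", digest[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** DIGITS).zfill(DIGITS)


def verify(key_b32: str, code: str, server_time: float, window: int = 1) -> bool:
    """Accept a code from the server's current step or `window` steps either side.

    The window size is an assumption for this example, not a cPanel setting.
    """
    return any(
        hmac.compare_digest(totp(key_b32, server_time + i * STEP), code)
        for i in range(-window, window + 1)
    )


if __name__ == "__main__":
    phone_time = 1111111109                       # constructed timestamp
    code = totp(KEY, phone_time)
    print("code shown by the app:", code)
    # Server clock two seconds ahead: already in the next 30 s step.
    print("strict check:", verify(KEY, code, phone_time + 2, window=0))
    print("one-step tolerance:", verify(KEY, code, phone_time + 2, window=1))
    # Server clock an hour off: no realistic tolerance window covers it.
    print("server 1 h ahead:", verify(KEY, code, phone_time + 3600, window=1))
```

Because the server recomputes the code from its own clock, a correct code is rejected as invalid when server and phone disagree about the time by more than the tolerance, which is why the fix is on the date and time settings rather than in the app.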
Remove Two-Factor Authentication
To remove two-factor authentication, click Remove Two-Factor Authentication and confirm that you want to remove it:
A confirmation message will appear:
To reconfigure two-factor authentication, click Reconfigure. Follow the steps to configure two-factor authentication. If you reconfigure TFA for your account, any existing configurations will no longer produce valid security codes.
Let's see how Two-Factor Authentication works. You log in to your cPanel as usual with your username and password:
Instead of logging you in, cPanel opens a second login screen where you must enter the six-digit code generated by Google Authenticator:
Enter the code in the text box and click Continue:
Welcome to your cPanel Home.