Two-Factor Authentication for cPanel

Two-Factor Authentication (2FA) is an improved security measure that requires two forms of identification: your password and a generated security code. With 2FA enabled, an application on your smartphone will provide you with a code that you must enter with your password to log in. Without your smartphone, you cannot log in.


Enabling 2FA in the cPanel

     Google Authenticator
     GAuth Authenticator extension
     Duo Mobile
     Microsoft Authenticator

Logging into the cPanel

Reconfiguring or Removing 2FA

Enabling 2FA for Webmail



Enabling 2FA in the cPanel


The Two-Factor Authentication menu can be found in the cPanel >> Security >> Two-Factor Authentication:


Go to the Two-Factor Authentication menu and click on the Set Up Two-Factor Authentication button:


To configure 2FA, you should link your cPanel account and your 2FA app. cPanel supports the following 2FA apps:

There are 2 ways to connect the app:

  • Automatically create the link by scanning the displayed QR code with your app
  • Manually create the link by entering the provided Account and Key information in your app



Google Authenticator


If you proceed with the Google Authenticator app, you will see the following start page. Choose Begin to further set up the app:



In case you already have a key added, you will need to press on the "+" button to add a new key:


You can add an account by Scanning a barcode or Entering a provided key:

 
In case the Scan a barcode option is chosen, the camera app will open and you will need to place the QR code from the cPanel within the red lines displayed.
It is also possible to use the Enter a provided key option. You will be prompted to the next page where you will need to enter the following details previously specified in the cPanel:
  • Account name
  • Your key
The key can be either time-based or counter-based. With the time-based option, the 2FA app generates a new six-digit security code for your cPanel account every 30 seconds. With the counter-based key, you tap a button, which then asks for the next number.



After the key is added to the Google Authenticator app, you may proceed with further configurations.


You can install the extension using the Google Chrome browser on your computer:


You will then need to add a GoogleAuth key that that has already been generated in the cPanel:


The code will be displayed in the following way:



Duo Mobile


Duo Mobile works with Duo Security 2FA service to make logins more secure. The application generates passcodes for login.

At the start page of the app, you can either Get Started or Get Your Account Back.


If you choose the Get Started option, you will be redirected to the next window to scan an activation barcode. After the QA code is scanned, you can modify the name of the entry, its icon, and the type:


Remember, without the activation barcode, there isn’t an option to add the key to Duo Mobile. Here is how the page with the added key looks like:


In case you already have the app on another device and the Duo Restore feature is enabled, you can easily get your account back and download keys from your Google Drive.


Microsoft Authenticator


Microsoft Authenticator supports multi-factor authentication for work, school, and non-Microsoft accounts. The first page of the app looks as follows:


You will need to press on the "+" button in order to proceed with the further steps. Choose the Other account option to add the QR code for the cPanel:



In the next window, you will need to scan the QR code using the camera or enter the code manually using your account name and secret key from the cPanel >> Security >> Two-Factor Authentication >> Don’t have a QR code reader.


After the app is connected to the cPanel, you will receive the following verification code:



Logging into the cPanel


After the app is installed and connected to the cPanel, continue by entering the six-digit security code into the cPanel >> Security >> Two-Factor Authentication >> Step 2 >> Security code:


You should receive the following success message:


During the next cPanel login, after you enter your username and password, you will be redirected to the next page to enter the security code:


After you entered the code, you will be able to continue and log into the cPanel.

NOTE: The cPanel will accept a code for sixty seconds after it has been generated; however, this doesn't account for apps that generate a new code every fifteen or thirty seconds. Because these apps generate a new code more than is actually needed, there will be instances where two or more codes are valid at the same time (keep in mind this is only for sixty seconds).


Reconfiguring or Removing 2FA


There are also options to reconfigure or remove the 2FA:


NOTE: If you wish to reconfigure, this will overwrite your current 2FA configuration; therefore, any existing configurations will no longer produce valid security codes.


Enabling 2FA for Webmail


There is also an opportunity to enable the Two-Factor Authentication for Webmail. To do it, the following steps should be performed:
  1. Log in to Webmail either through the cPanel or the Webmail login portal.
  2. From the Webmail management screen, access Two-Factor Authentication:



  3. Follow the provided instructions to set up Two-Factor Authentication:





And, as always, if you have any questions, feel free to contact our 24/7 Support Team.
Updated
Viewed
35172 times

Need help? We're always here for you.

notmyip