This function lets you set up two-factor authentication (2FA) which is a better security system for the login interface of cPanel and WHM. There are two forms of identification involved:
- A machine generated security code
- A password determined by the user
When 2FA is activated, a code will be generated by an application present on your smartphone. This code then must be entered along with your password to log in to your account.
Important:
You or your users might come across an error message: Failed to set user configuration: The security code is invalid. This means that there is a problem with the date and time settings of your cPanel server. Use the steps outlined below to fix the problem:
- You can use the ntpdate command to re-synchronize the internal clock of your server with the Network Time Protocol (NTP) server.
- An accurate server time is crucial towards the proper functioning of 2FA.
Note:
The primary requirement for 2FA is a smartphone that supports a time-based one-time password (TOTP) app.
How to Enable 2FA
If you find that 2FA is disabled on the server, you can activate it by clicking on the toggle and changing it to On in order to enable 2FA.
Note:
2FA can only be activated by the root user.
Settings
This option lets you configure the 2FA Issuer setting. This setting determines the name that will appear in the app when the security code is accessed. If no name is entered, it will default to the hostname.
Manage Users
The Manage Users tab shows the accounts for which 2FA have been activated. It also lets you deactivate 2FA on those accounts.
You can remove 2FA for a particular user account by clicking on the Disable option next to the user account on the Manage Users list. You can also remove multiple user accounts using the Disable Selected option under the gear () icon.
You can enable 2FA for a user account by logging in to the cPanel interface as a user and locating the Two-Factor Authentication interface.
Manage my Account
This tab allows you to activate 2FA for the reseller account or the root account. You can configure 2FA through the Set Up Two-Factor Authentication option. A link must be created between your 2FA app and your cPanel account. To remove 2FA, use the Remove Two-Factor Authentication option. Click on Reconfigure if you want to reconfigure the 2FA settings.