(cPanel >> Home >> Security >> Two-Factor Authentication)
Two-factor authentication (2FA) is an improved security measure that requires two forms of identification: your password and a generated security code. With 2FA enabled, an application on your smartphone supplies a code that you must enter with your password to log in. Without your smartphone, you cannot log in.
Two-factor authentication requires a smartphone with a supported time-based one-time password (TOTP) app. We suggest the following apps:
To use this feature, your system administrators must enable it for you. Ask them to perform the following steps in WHM:
To configure two-factor authentication, perform the following steps:
Open your 2FA app to retrieve the six-digit security code.
The 2FA app generates a new six-digit security code for your cPanel account every 30 seconds.
Enter the six-digit security code in the Security Code text box.
You must enter the security code within 30 seconds. After time expires, the app will generate a new six-digit code.
Click Configure Two-Factor Authentication.
If you see a Failed to set user configuration: The security code is invalid. error, a problem may exist with the date and time settings on your server. To fix the issue, contact your hosting provider or system administrator.
To remove two-factor authentication, click Remove Two-Factor Authentication.
To reconfigure two-factor authentication, click Reconfigure. Follow the steps to configure two-factor authentication.
If you reconfigure 2FA for your account, any existing configurations will no longer produce valid security codes.
In This Document
For Hosting Providers