Knowledgebase: cPanel
Two-Factor Authentication for cPanel

Overview

Two-factor authentication (2FA) is a security measure that requires two forms of identification. After you enter your password, you must enter a security code. An application on your smartphone supplies this code. Without your smartphone, you cannot log in.

 

Note:
  • You can configure 2FA for Webmail.

  • 2FA requires a smartphone with a supported time-based one-time password (TOTP) app. We suggest the following apps:

Configure 2FA

To configure 2FA, perform the following steps:

  1. Click Set Up Two-Factor Authentication.
  2. Link your cPanel account and your 2FA app:
    • To automatically create the link, scan the displayed QR code with your app.
    • To manually create the link, enter the provided Account and Key information in your app.
  3. Within your 2FA app, retrieve the six-digit security code
    Note:

    The 2FA app generates a new six-digit security code every 30 seconds.

  4. Enter the six-digit security code in the Security Code text box.
    Note:

    You must enter the security code within 30 seconds. After time expires, the app will generate a new six-digit code.

  5. Click Configure Two-Factor Authentication.
    Note:

    If you see a Failed to set user configuration: The security code is invalid. error, a problem may exist with the date and time settings on your server. To fix the issue, contact your hosting provider.

Remove 2FA

To remove 2FA, click Remove Two-Factor Authentication.

Reconfigure 2FA

To reconfigure 2FA, click Reconfigure. Follow the steps above to configure two-factor authentication.

Warning:

This action will overwrite your account’s existing 2FA configuration. As a result, any existing 2FA app configurations will not provide valid security codes.