cPanel natively supports Two-Factor Authentication (2FA) as an extra layer of security for your hosting account. When 2FA is enabled you would not only need your account password to login but a second form of authentication in the form of a time based token generated by a hardware device (generally a cell phone or tablet) which you control. To enable 2FA on your cPanel account:
- Download and install a supported Two-Factor Authentication app for your phone/tablet. We recommend Authy however any of the following will work:
Google Authenticator (Android, iOS and Blackberry)
Duo Mobile (Android and iOS)
Authenticator (Windows Phone)
Authy (Android, iOS, Blackberry and Windows Phone)
- Login to cPanel for your account and use the search bar to locate the 'Two-Factor Authentication' interface. Click the 'Two-Factor Authentication' icon that appears.
- You will see an icon titled 'Set Up Two-Factor Authentication'. Click this button.
- You will be presented with both a QR code and account / unique key code. If your device has a QR code scanner we recommend using that for quickly adding your account.
- Once your cPanel account two-factor has been tied to your device you will be presented with a rotating 6 digit code. Type that 6 digit code into the field titled 'Security Code: 6 digit code'.
- Click 'Configure Two-Factor Authentication'. Two-Factor Authentication will now be enabled for cPanel and will be required each time you login.
If you lose your hardware device we will need to disable Two-Factor Authentication for your account so you can regain cPanel access. This will need to be done via support ticket after your account ownership is verified.