Enable Two-Factor Authentication (2FA) for cPanel and WHM

Two-Factor Authentication (2FA) makes your account more secure because it needs an extra step to log in to cPanel or WHM. This way, it is harder for others to access your account. As a result, your data and settings stay safe.Two-Factor Authentication (2FA) enhances account security by requiring an additional verification step when logging in to cPanel or WHM.

Follow these steps to enable 2FA

Step 1: Log in to WHM or cPanel

  • For WHM: Log in as the root user.
  • For cPanel: Log in to your cPanel account.

    Step 2: Access the Two-Factor Authentication Interface.

  • In WHM: Search for “Two-Factor Authentication” in the left-hand menu and click it under the Security section.
  • In cPanel: Search for “Two-Factor Authentication” in the search bar.

 

 

 

Step 3: Set Up 2FA

  1. Open an authenticator app on your smartphone (e.g., Google Authenticator, Authy).
  2. Scan the QR code displayed on the screen with the authenticator app.
  3. Enter the 6-digit code generated by the app into the field provided.
  4. Click Configure Two-Factor Authentication.

Step 4: Verify and Save.

  • Ensure the code is accepted. If successful, 2FA is now enabled for your account.
  • Store your recovery codes securely in case you lose access to the authenticator app.
Troubleshooting Tips
  • If 2FA setup fails, check the time on your device and ensure it matches the server’s time.
  • Contact your hosting provider for assistance if locked out.
Conclusion

Turning on Two-Factor Authentication (2FA) for cPanel and WHM is an important way to keep your hosting safe. Without 2FA, if someone gets into your cPanel or WHM without permission, they could:

  1. Compromise Sensitive Data: Access and modify websites, emails, databases, or sensitive client information.
  2. Inject Malicious Content: Install malware, phishing scripts, or ransomware that could damage your reputation.
  3. Disrupt Services: Delete files, suspend accounts, or cause downtime, affecting your clients and business.
  4. Exploit Resources: Use your server to send spam, participate in botnet activities, or engage in other illegal actions.

    Enabling 2FA adds an extra layer of security to protect your accounts, data, and reputation from unauthorized access. Take action today to keep your hosting environment safe!