cPanel natively supports Two-Factor Authentication (2FA) as an extra layer of security for your hosting account. When 2FA is enabled you would not only need your account password to login but a time-based token generated by a hardware device (generally a cell phone or tablet) which you control.
To enable 2FA on your cPanel account:
- Download and install a supported Two-Factor Authentication app for your phone/tablet. We recommend Authy, however, any of the following will work:
Google Authenticator (Android, iOS and Blackberry)
Duo Mobile (Android and iOS)
Authenticator (Windows Phone)
Authy (Android, iOS, Blackberry and Windows Phone)
- Login to cPanel for your account and use the search bar to locate the 'Two-Factor Authentication' interface. Click the 'Two-Factor Authentication' icon that appears.
- You will see an icon titled 'Set Up Two-Factor Authentication'. Click this button.
- You will be presented with both a QR code and account / unique key code. If your device has a QR code scanner we recommend using that for quickly adding your account.
- Once your cPanel account two-factor has been tied to your device you will be presented with a rotating 6 digit code. Type that 6 digit code into the field titled 'Security Code: 6 digit code'.
- Click 'Configure Two-Factor Authentication'. Two-Factor Authentication will now be enabled for cPanel and will be required each time you login.
If you lose your hardware device we will need to disable Two-Factor Authentication for your account so you can regain cPanel access. This will need to be done via support ticket after your account ownership is verified.
We highly recommend setting up two-factor authentication for your cPanel login.