Enabling Two-Factor Authentication (2FA)

Two-factor authentication adds an extra layer of security to your cPanel login. After entering your username and password, you'll also need to provide a time-based code from an authenticator app on your phone. This means that even if your password is compromised, an attacker cannot access your account without your phone.

Please note: Screens and options may vary slightly depending on your cPanel version and hosting plan.

Setting Up 2FA

  1. Log in to your cPanel account.
  2. In the Security section, click Two-Factor Authentication.
  3. Click Set Up Two-Factor Authentication.
  4. A QR code will be displayed on screen.
  5. Open your authenticator app on your phone. Recommended apps include:
       • Google Authenticator (iOS, Android)
       • Authy (iOS, Android, Desktop)
       • Microsoft Authenticator (iOS, Android)
       • 1Password, Bitwarden, or other password managers with TOTP support
  6. In your authenticator app, scan the QR code (or enter the secret key manually).
  7. Enter the 6-digit code shown in your app into the Security Code field in cPanel.
  8. Click Configure Two-Factor Authentication.

Logging In with 2FA

After enabling 2FA:

  1. Enter your cPanel username and password as normal.
  2. You'll be prompted for a 6-digit authentication code.
  3. Open your authenticator app and enter the current code.
  4. Click Log In.

Disabling 2FA

  1. Log in to cPanel (you'll need your current 2FA code).
  2. Go to Two-Factor Authentication.
  3. Click Remove Two-Factor Authentication.
  4. Confirm the removal.

If you've lost access to your authenticator app and cannot log in, contact your hosting provider. They may need to disable 2FA from the server side.

Tips

  • Store your 2FA backup/recovery codes in a secure location (e.g. a password manager or a printed copy in a safe place).
  • If you change phones, set up your authenticator on the new device before wiping the old one.
  • 2FA codes are time-based. If your phone's clock is significantly out of sync, codes may not work. Ensure automatic time synchronisation is enabled on your device.
  • Consider enabling 2FA on all accounts that support it, not just cPanel.
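
Why clock sync matters, as an added example (not cPanel's code): a standard RFC 6238 time-based code is derived from the secret key and the current 30-second time step, so a phone whose clock falls in a different step produces a different code. The 30-second step, HMAC-SHA1, the `window` tolerance and the function names are assumptions for illustration; the secret is the published RFC 6238 test key, not a real account key.

```python
import base64
import hashlib
import hmac
import struct

STEP = 30    # seconds per code: RFC 6238 default, assumed here
DIGITS = 6   # the article's codes are 6 digits

# Constructed sample: the published RFC 6238 test secret, base32-encoded
# the way a "secret key" is shown for manual entry. Not a real account key.
SAMPLE_SECRET = "GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ"


def totp(secret_b32, unix_time):
    """Code an authenticator app shows when its clock reads unix_time."""
    cleaned = secret_b32.replace(" ", "").upper()
    key = base64.b32decode(cleaned + "=" * (-len(cleaned) % 8))
    counter = struct.pack(">Q", int(unix_time) // STEP)
    digest = hmac.new(key, counter, hashlib.sha1).digest()
    offset = digest[-1] & 0x0F  # dynamic truncation, RFC 4226
    value = struct.unpack(">I", digest[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** DIGITS).zfill(DIGITS)


def matching_drift(secret_b32, code, server_time, window=1):
    """Return the step offset (-window..window) at which a server would
    accept the code, or None if the phone clock is too far off."""
    for drift in range(-window, window + 1):
        expected = totp(secret_b32, server_time + drift * STEP)
        if hmac.compare_digest(expected, code):
            return drift
    return None


if __name__ == "__main__":
    server_now = 1111111111                           # constructed server clock
    phone_code = totp(SAMPLE_SECRET, server_now - 2)  # phone is 2 s slow
    print("phone shows:", phone_code)
    # The 2 s lag crosses a step boundary, so a server with no tolerance rejects it.
    print("window=0:", matching_drift(SAMPLE_SECRET, phone_code, server_now, 0))
    # A server that also checks one step either side accepts it as drift -1.
    print("window=1:", matching_drift(SAMPLE_SECRET, phone_code, server_now, 1))
```

A non-zero drift that keeps recurring is a sign the phone's clock needs resynchronising before the codes stop being accepted at all.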
