How to set up Two-Factor Authentication for VPS and Dedicated Servers

Two-Factor Authentication (2FA) is a security measure available to users with Root access on their server. After you enter your password, you must also enter a security code from a connected smartphone in order to log in.

Note that this feature is only available on VPS and Dedicated Server plans that allow you Root access. Managed VPS plans can get Root access by following this guide, but this feature is not recommended for use on a Managed server. This feature is unfortunately not available on our Shared and Reseller plans.
Since 2FA does not allow access from anyone without the security code, our technical support team will not be able to assist you as efficiently. If you lose access to your account, please submit a support ticket and we will try to get it back for you, but please be aware this will not be possible in all cases.

Make 2FA available through WHM

Step 1 - Log into WHM as the Root user and click on Two-Factor Authentication.

93809bf9c17828bd9d9bb66b17edc9c843e34142?t=2bcd44aaac08bf48ead7564c33946caf

93809bf9c17828bd9d9bb66b17edc9c843e34142?t=2bcd44aaac08bf48ead7564c33946caf

Step 2 - Toggle the Security Policy button to On, then click Save.

cadb1cb4446b79919f9becd69fc6e162a331027e?t=338608ed37f115ec731ca2d3973c130a

cadb1cb4446b79919f9becd69fc6e162a331027e?t=338608ed37f115ec731ca2d3973c130a

Enable 2FA

Enable 2FA capabilities for a cPanel account through WHM

Step 1 - Edit a feature list that you use for your accounts (Create a new one if you wish), and ensure it has the option Two-Factor Authentication enabled.

9c3f85842acb3799042f5aa0f98cccbbbf025d24?t=e215d94f3aea2e2feb518c7556682365

9c3f85842acb3799042f5aa0f98cccbbbf025d24?t=e215d94f3aea2e2feb518c7556682365

Step 2 - Edit a package that you use for your accounts (Create a new one if you only want to grant 2FA to certain cPanel accounts), and ensure it is using the Feature List from the previous step. This will grant all accounts using this package the ability to set up 2FA.

6a9bdbfaba5da7c2f78dfad0c06504c19ee5fa58?t=7714ee7263c62d7283ed37b296320462

6a9bdbfaba5da7c2f78dfad0c06504c19ee5fa58?t=7714ee7263c62d7283ed37b296320462

Set up 2FA inside a cPanel account

Step 1 - Log into the cPanel account you want to enable 2FA for. Click on Two-Factor Authentication.

de1d988115d3d2d9f0521fbd58afeb477daf2c17?t=195d682a430884bb89424c0dced77fca

de1d988115d3d2d9f0521fbd58afeb477daf2c17?t=195d682a430884bb89424c0dced77fca

Step 2 - Click on Set Up Two-Factor Authentication.

156476028b67fe43c0b9340c18c84323747cbd28?t=96af9be707dfcd9dd46b974859f223bf

Step 3 - On a compatible app, either scan the QR code, or manually enter the details on this page. Enter in the 6 digit code that will display on the phone into the Security Code box and click Configure Two-Factor Authentication.

b2862c746c129b1543546651859eb85e63a31db8?t=175b28cdf986827224828ccc5cd17468

b2862c746c129b1543546651859eb85e63a31db8?t=175b28cdf986827224828ccc5cd17468

Note: The 2FA app generates a new six-digit security code every 30 seconds. You will need to enter the security code within 30 seconds. After 30 seconds the code expires and you will need to use the new six-digit code.

Step 4 - Your phone app should now be linked to your cPanel account, and you will not be able to log into your cPanel account without also entering the current 6 digit code from the app. Please note that any developers or any of our support staff will now need to contact you for access if they need to make any changes on the account.

Set up 2FA for WHM

Step 1 - Log into WHM as the user that you want to set up 2FA for. If this is not the root user, you will need to follow the steps in the Enable 2FA capabilities for a cPanel account through WHM section first. Click on Two-Factor Authentication.

93809bf9c17828bd9d9bb66b17edc9c843e34142?t=2bcd44aaac08bf48ead7564c33946caf

Step 2 - Select Manage My Account then Set Up Two-Factor Authentication.

4c1dc98f5e86c79a3154dd24d1a98f4499d5927d?t=98e7a3b6b96953552e4ac17056a846a3

4c1dc98f5e86c79a3154dd24d1a98f4499d5927d?t=98e7a3b6b96953552e4ac17056a846a3

Disable 2FA

Disable 2FA through cPanel

Step 1 - Log into cPanel (You will need to use your second factor to do so). Click on Two-Factor Authentication.

de1d988115d3d2d9f0521fbd58afeb477daf2c17?t=195d682a430884bb89424c0dced77fca

Step 2 - Select Remove Two-Factor Authentication.

b08cceae6114da3fd420fddc32b47a8f15c2568a?t=820f7218c28b7093d34d1e4d7fb364f5

Step 3 - Select Remove.

65f09c7918e784cecf3c8fe3a6d5d56420945160?t=7c4eaba55de63e39641f26d58f80b7bf

Disable 2FA through WHM

As a reseller, you may need to disable or reconfigure 2FA for a client that lost access to their account. You will still be able to access their cPanel account through the List Accounts section in WHM, and will be able to manage their 2FA status while logged in as Root.

Step 1 - Log into WHM as the Root user and click on Two-Factor Authentication.

93809bf9c17828bd9d9bb66b17edc9c843e34142?t=2bcd44aaac08bf48ead7564c33946caf

Step 2 - Select Manage Users then Disable.

626bc1d226d61eb3d7ccda6adb40a966b0187c48?t=9484a3e44c338e2c71d02bd365abff35

Step 3 - Select Continue.

465b65ce9cb9be600aa056f283b1ea07666bad88?t=962683b10625cb44be1dc06255e312c3

For more information, please see the official cPanel documentation.

Visit Support Centre

Other Contact Details

Call us

Create a support ticket

Local Phone Numbers

Other Contact Details

Call us

Send us a message

About Domains

About Email

About Hosting

About VPS

About Dedicated

About WordPress

About SSL & Security

Your Support Centre

Your Support Centre

How to set up Two-Factor Authentication for VPS and Dedicated Servers

Call us

Create a support ticket

Call us

Send us a message

Create an account

Your Support Centre

Your Support Centre

How to set up Two-Factor Authentication for VPS and Dedicated Servers

Related Articles