Two-Factor Authentication (2FA)
Two-Factor Authentication (2FA) adds an extra layer of protection to your cPanel and WHM accounts by requiring two forms of verification during login:
- Something you know — your password.
- Something you have — a unique security code generated by an authentication app on your phone or desktop.
Even if someone learns your password, they cannot access your account without the code from your authentication app.
Why Use Two-Factor Authentication?
Passwords can be compromised through phishing, malware, or stolen devices. Many users also reuse passwords across different accounts, increasing risk. 2FA prevents unauthorized access — your password alone is no longer enough to log in.
Requirements
- A 2FA app such as Authy or Google Authenticator, available for mobile and desktop.
- Access to your cPanel or WHM account.
Set Up 2FA in cPanel
Step 1: Log in and Open 2FA Settings
Sign in to your cPanel account. In the Security section of your dashboard, click Two-Factor Authentication.
Figure 1: Two-Factor Authentication in cPanel’s Security section
Step 2: Configure Two-Factor Authentication
Click Set Up Two-Factor Authentication. You’ll see a QR code and manual configuration details displayed on-screen.
Figure 2: QR code for linking your authentication app
Open your 2FA app (Authy or Google Authenticator) and add a new account by scanning the QR code. If you can’t scan it, manually enter the details:
- Account: your user name
- Key: the key shown in the on-screen manual configuration details
Step 3: Verify and Enable
Enter the 6-digit security code generated by your app and click Configure Two-Factor Authentication. Once verified, 2FA will be active for your cPanel account.
Set Up 2FA in WHM
You’ll need to be logged into your WHM account and have your 2FA app installed (e.g., Authy).
- In the left-hand menu, open the Security Center section and click Two-Factor Authentication.
- Click the toggle to enable the Two-Factor Authentication Security Policy.
- Click the Manage My Account tab.
- Select Set Up Two-Factor Authentication.
- Scan the displayed QR code with your authentication app or manually enter the provided key.
- Once your app generates codes, enter a valid one and click Configure Two-Factor Authentication.
Remove Two-Factor Authentication
To disable 2FA, click the Remove Two-Factor Authentication button in your cPanel or WHM 2FA settings. You’ll be prompted to confirm before removal.
Can’t Generate a 2FA Code or Use a Backup Code?
If you’ve changed phones or lost access to your authentication device and don’t have a backup code, contact your hosting support team. You’ll need to verify your identity before they can disable 2FA for you.