How do I setup Two-Factor Authentication (2FA) on my WHM account
What is Two-Factor Authentication (2FA)?
Two-factor authentication adds an additional layer of security to WHM by adding a second step to your login.
In addition to something you know (i.e. your existing password) it adds what is known as a possession, or second factor - based on something you possess - which in this case will be an App on your mobile phone or desktop.
Since both are required to log in, even if an attacker has your password they can't access your account unless they also possess your phone or authentication app.
Why is Two-Factor Authentication necessary?
Passwords are often compromised when mobile devices or computers are stolen or infected with malware - or when insecure networks are used to retrieve passwords by email. They can often be guessed, they usually don't change very often, and despite advice otherwise, many of us have favourite passwords that we use for more than one thing. So Two-factor authentication gives you additional security because your password alone no longer allows access to your account
You'll need a 2FA app; we tested and like Authy (external link opens in a new window) - which has versions for iPhone & Android devices as well as desktop versions for Mac & PC and a Chrome browser extension.
- You'll need to be logged in to your WHM and have a 2FA app like Authy (external link opens in a new window) installed before you'll be able to complete this process.
From the Security Center section of the left hand menu click on Two-Factor Authentication.
- Click the slider to turn the Two-Factor Authentication Security Policy on.
- Click the Manage My Account tab.
- Click Set Up Two-Factor Authentication.
- You'll now see the 2FA setup screen showing that the Two-Factor Authentication Security Policy is enabled - now you need to setup your One-Time Password (OTP) app.Open your 2FA app and follow the app's instructions to add a new account. Authy have instructions for adding a new account (external link opens in a new window) on different devices.
- Once you've scanned the barcode, or added the code, the new account should be added in your app and begin generating One-Time Password (OTP) codes.
Enter a valid code from your app in to Step 2) and click Configure Two-Factor Authentication.
- You'll now see the Status for 2FA on your account set as Configured.
Remove two-factor authentication
Clicking the Remove Two-Factor Authentication button will prompt to confirm removal and 2FA will be disabled.
Unable to create a 2FA code or use a backup code
If you're unable to generate a 2FA code - maybe you've changed phones or no longer have access to the 2FA - and you don't have access to your backup code you'll need to contact support and supply the required ID and we will disable it for you.