How to manage two-factor authentication for resellers in WHM

Using two-factor authentication (2FA) with reseller accounts is simple and straightforward. 2FA is an improved security measure for the login interface of cPanel and WebHost Manager, and is available for all reseller accounts. With 2FA, you use two forms of identification to log in to an account:

  • Your password.
  • A unique, time-based security code.
For more information about 2FA, please visit https://en.wikipedia.org/wiki/Multi-factor_authentication.

Setting up two-factor authentication in WHM

When you use 2FA, an application on your smartphone generates a code that you must enter in addition to your password to log in to WHM. Without an application to generate the security codes, you cannot log in.

cPanel recommends the following apps for use with 2FA:

You do not have to use these apps. Alternatively, you can use any app that generates codes using the time-based one-time password (TOTP) algorithm.

To configure 2FA for your account, follow these steps:

  1. Log in to WebHost Manager.
    If you do not know how to log in to your WebHost Manager account, please see this article.
  2. In the search box at the upper left of the WHM screen, start typing factor, and then click Two-Factor Authentication when it becomes visible:

    WebHost Manager - Two-Factor Authentication

  3. Click the Settings tab. In the Issuer text box, type the name you want to use.

    The Issuer setting specifies the name that appears in the authentication app when users obtain security codes. If you do not enter a name for the issuer, it defaults to the server hostname.
  4. Click Save.
  5. Click the Manage My Account tab, and then click Set Up Two-Factor Authentication. This creates a link between your account and your 2FA app:

    • To automatically create the link, scan the displayed QR code with your app.
    • To manually create the link, type the provided Account and Key information into your app.
  6. In the Security Code text box, type the code that appears in your app.
  7. Click Configure Two-Factor Authentication. 2FA is now active for your account.

Managing two-factor authentication for your users

In addition to your own account, you can manage 2FA for your user accounts. To do this, follow these steps:

  1. Log in to WebHost Manager.
    If you do not know how to log in to your WebHost Manager account, please see this article.
  2. In the search box at the upper left of the WHM screen, start typing factor, and then click Two-Factor Authentication when it becomes visible:

    WebHost Manager - Two-Factor Authentication

  3. Click the Manage Users tab:

    • To disable 2FA for a specific user account, under Actions, click Disable. Alternatively, you can select the check box next to the account, click the gear icon at the top right of the list, and then click Remove Selected.
    • To disable 2FA for all of your user accounts, click the gear icon at the top right of the list, and then select Disable All.

More Information

To view the official cPanel documentation for two-factor authentication, please visit https://docs.cpanel.net/whm/security-center/two-factor-authentication-for-whm.

Did you find this article helpful? Then you'll love our support. Experience the A2 Hosting difference today and get a pre-secured, pre-optimized website. Check out our web hosting plans today.

We use cookies to personalize the website for you and to analyze the use of our website. You consent to this by clicking on "I consent" or by continuing your use of this website. Further information about cookies can be found in our Privacy Policy.