How to secure my hosting account with 2 factor auth

How to Enable Two-Factor Authentication (2FA) in cPanel and DirectAdmin

Two-factor authentication (2FA) adds an extra layer of security to your hosting control panel by requiring a second form of verification beyond just your password. Enabling 2FA can significantly reduce the risk of unauthorized access to your accounts. This article guides you through the process of enabling 2FA in two popular hosting control panels: cPanel and DirectAdmin.

Enabling 2FA in cPanel

Log into cPanel: First, access your cPanel account by following the instructions in the New Account Information email

Find the Security Section: Once logged in, scroll down or use the search feature to find the "Security" section. Click on the "Two-Factor Authentication" icon.

Set Up Two-Factor Authentication: In the Two-Factor Authentication page, click on the "Set Up Two-Factor Authentication" button.

Scan QR Code: You will see a QR code on the screen. Use a 2FA app on your mobile device, such as Google Authenticator or Authy, to scan this QR code. These apps will generate a six-digit code that changes every 30 seconds.

Enter the Verification Code: After scanning the QR code, your app will provide a 6-digit code. Enter this code in the "Security Code" field on your cPanel setup page and click "Configure Two-Factor Authentication".

Backup: Ensure you save the displayed backup code in a secure location. This code can be used to access your account if your mobile device is unavailable.

Confirmation: Once configured, you'll receive confirmation that 2FA is enabled. From now on, you'll need both your password and the code from your 2FA app to log in.

Enabling 2FA in DirectAdmin

Log into DirectAdmin: Access your DirectAdmin account by following the instructions in the New Account Information email.

Access Advanced Features: Look for the Advanced Features section after logging in, then click on Two-Step Authentication.

Begin Setup: Click on the Generate Secret button to start setting up 2FA.

Scan QR Code: DirectAdmin will generate a QR code. Use a 2FA app on your smartphone (Google Authenticator or Authy) to scan this code. Like with cPanel, this will add your DirectAdmin account to the app, which will then generate a temporary 6-digit code.

Enter the Verification Code: Input the 6-digit code from your app into the QR Code input box, be sure to tick Require valid Two-Step Authentication Code to login to this account. Finally, click Save.

Backup Codes: DirectAdmin will provide backup codes upon successful activation. Store these codes in a secure place; they will allow you to access your account if your mobile device is lost or unavailable.

Confirmation: You will see a confirmation message once 2FA is successfully enabled. Use your password and the 2FA code from your app for future logins.

Conclusion

Activating two-factor authentication is a smart step towards securing your hosting control panel accounts against unauthorized access. Whether you're using cPanel or DirectAdmin, the process is straightforward and significantly enhances your account's security. Always store your backup codes in a secure location to ensure you can access your account if your mobile device is unavailable.

Updated on: 14/02/2024