Configuring two-factor authentication (2FA) on cPanel

Procédure

What is two-factor authentication?

Two-factor authentication improves the security of your cPanel account by securing access with a mobile application to confirm each new connection. This way, even if your password has been found by a malicious person, they will not be able to connect to your cPanel account without having your phone at their disposal.

Installing the 2FA application on your smartphone

Two-factor authentication requires you to have an authentication application available. Neither LWS nor cPanel provides such an application, so we recommend that you use the 2FA application you are already used to using. If you don't already have one, you can use Google Authenticator or Microsoft Authenticator:

• Download Google Authenticator for Android
• Download Google Authenticator for iPhone
• Download Microsoft Authenticator for Android
• Download Microsoft Authenticator for iPhone

For the rest of the documentation, we'll look at how to configure two-factor authentication with the Microsoft Authenticator application. However, the principle remains the same regardless of the application and/or type of phone used.

Activating 2FA authentication on cPanel

Once you have installed the application on your phone, go to your cPanel control panel and click on the"Two-factor authentication" icon:

Then click on the"Configure two-factor authentication" button:

A QR code for your authentication key is then displayed so that you can pair your two-factor login application with your cPanel account:

On your phone, in your two-factor authentication application, add a new account:

On Microsoft Authenticator in particular, it asks for the type of account to add, so choose "Other account" :

Then scan the QR code generated by cPanel:

The account is then added to your OTP (One-Time Password) wallet:

Then select your cPanel account and retrieve the one-time password. Note that the number of seconds remaining before the code expires is displayed next to it:

Back on your PC, enter the one-time code in the"Security code" field and click on"Configure two-factor authentication".

And that's it, your two-factor authentication is now configured.

How do I connect to a cPanel account secured by two-factor authentication?

To log in to a cPanel account, go to the login page for your cPanel account, fill in the login form and click on"Login":

As two-factor authentication is active, you will then need to provide the one-time code from your phone :

Once you have entered the connection code, click on "Continue" and you will be connected to your cPanel account.

How do I disable two-factor authentication?

In your cPanel interface, click on the "Two-factor authentication" icon and click on "Remove two-factor authentication" :

Then confirm your request by clicking "Delete" and your two-factor authentication will be permanently deleted. You can then optionally delete the account on your phone.

I've lost my phone, how can I access my cPanel account?

Once two-factor authentication is active, without your phone and your OTP (One Time Password) application, it is not possible to connect to your cPanel account. However, we can deactivate two-factor authentication on your account at your request. To do this, you will need to make your request on a support ticket.

During the procedure, you will be asked to verify your identity to prevent a third party from requesting deactivation of two-factor authentication without your knowledge.