How to setup Two-Factor Authentication for Reseller in WHM?

You can prevent unauthorized people from getting access by taking steps to secure your hosting server. Two-Factor Authentication (2FA) adds an extra layer of protection by requiring a second code during login.

What is Two-Factor Authentication

2FA requires two separate things to verify your identity before you can enter the dashboard. You must provide your regular password and a unique code from a mobile app. This process ensures that a hacker cannot enter your account even if they know your secret password.

You need a smartphone to use this security feature effectively. Apps like Google Authenticator or Duo Mobile generate these codes every few seconds for your safety.

Configuring 2FA Settings

You can customize how the authentication entry appears on your phone within the settings area. This helps you identify which server the code belongs to when you have multiple accounts.

The issuer name is the label that shows up in your mobile app next to the security code.

• Go to the Two-Factor Authentication section in WHM and click the Settings tab.
• Type a custom name like your business name or keep the default server name.
• Click the Save button to apply the label to all new 2FA setups.

Managing User Authentication

The dashboard allows you to see which users have already activated this security layer. You can also turn off the requirement for specific people if they lose their mobile devices.

Administrators have the power to handle multiple accounts at the same time through the user list.

• Click on the Manage Users tab to see the list of protected accounts.
• Find the specific username and click the Disable button on the right side.
• Tick the boxes next to the names of the accounts you want to change.
• Click the gear icon at the top and select Disable Selected to finish.

Setting Up Your Own Account

Every reseller should protect their own main login to keep the entire server safe. You must link your phone to your account using a QR code or a manual secret key.

This setup happens in a dedicated area for your personal administrative profile.

• Navigate to the Manage My Account tab and press Set Up Two-Factor Authentication.
• Open your mobile app and use the camera to scan the QR code on your screen.
• Type the provided account name and secret key into your app if the camera does not work.
• Input the six-digit code from your phone into WHM to confirm the link is active.

Cantech Security Solutions

Cantech prioritizes the safety of your hosting business with advanced security protocols. We provide full support for 2FA to ensure your administrative areas remain locked away from intruders.

Our systems are compatible with all major authentication apps for a smooth user experience. You can reach out to our team if you ever get locked out of your protected account.

Frequently Asked Questions

What if I lose my phone with the 2FA app?

You will need to contact the server administrator to disable the authentication for your account. They can remove the requirement from the Manage Users tab in WHM. Once you have a new phone, you can set up the link again from scratch.

Do my customers have to use 2FA?

No it is an optional feature that you can offer to your hosting clients. They can choose to enable it from their own cPanel security settings for better protection. You can encourage them to use it to keep their website data safe.

Which mobile apps work best for 2FA?

Google Authenticator is the most popular choice for Android and iPhone users. Microsoft Authenticator and Duo Mobile also work perfectly with the cPanel and WHM system. All these apps are free to download from your app store.

Does 2FA slow down the login process?

It only adds a few seconds to your login routine because you must type a code. This small step is worth the effort because it prevents most hacking attempts successfully. Most users find it very easy to use once they get used to it.