BuycPanel Blog

BuycPanel Blog

Latest news and updates

How to Enforce Advanced Authentications Beyond Password Verification?

Posted by Allura on 10 06 2019.

Overview
This function lets you set up two-factor authentication (2FA) which is a better security system for the login interface of cPanel and WHM. There are two forms of identification involved:A machine generated security code
A password determined by the userWhen 2FA is activated, a code will be generated by an application present on your smartphone. This code then must be entered along with your password to log in to your account. 
Important:
You or your users might come across an error message: Failed to set user configuration: The security code is invalid. This means that there is a problem with the date and time settings of your cPanel server. Use the steps outlined below to fix the problem:You can use the ntpdate command to re-synchronize the internal clock of your server with the Network Time Protocol (NTP) server.
An accurate server time is crucial towards the proper functioning of 2FA.Note:
The…

Overview

This function lets you set up two-factor authentication (2FA) which is a better security system for the login interface of cPanel and WHM. There are two forms of identification involved:

  • A machine generated security code
  • A password determined by the user

When 2FA is activated, a code will be generated by an application present on your smartphone. This code then must be entered along with your password to log in to your account.

 

Important:

You or your users might come across an error message: Failed to set user configuration: The security code is invalid. This means that there is a problem with the date and time settings of your cPanel server. Use the steps outlined below to fix the problem:

  • You can use the ntpdate command to re-synchronize the internal clock of your server with the Network Time Protocol (NTP) server.
  • An accurate server time is crucial towards the proper functioning of 2FA.

Note:

The primary requirement for 2FA is a smartphone that supports a time-based one-time password (TOTP) app.

 

How to Enable 2FA

If you find that 2FA is disabled on the server, you can activate it by clicking on the toggle and changing it to On in order to enable 2FA.

Note:

2FA can only be activated by the root user.

 

Settings

This option lets you configure the 2FA Issuer setting. This setting determines the name that will appear in the app when the security code is accessed. If no name is entered, it will default to the hostname.

 

Manage Users

The Manage Users tab shows the accounts for which 2FA have been activated. It also lets you deactivate 2FA on those accounts.

You can remove 2FA for a particular user account by clicking on the Disable option next to the user account on the Manage Users list. You can also remove multiple user accounts using the Disable Selected option under the gear ()  icon.

You can enable 2FA for a user account by logging in to the cPanel interface as a user and locating the Two-Factor Authentication interface.

Manage my Account

This tab allows you to activate 2FA for the reseller account or the root account. You can configure 2FA through the Set Up Two-Factor Authentication option. A link must be created between your 2FA app and you cPanel account. To remove 2FA, use the Remove Two-Factor Authentication option. Click on Reconfigure if you want to reconfigure the 2FA settings.

 

Conclusion

You can easily configure the 2FA settings for a user or users using the steps mentioned above.