    Two-Factor Authentication

    Add an extra layer of security to your cPanel account with 2FA.

    What is Two-Factor Authentication?

    Two-factor authentication (2FA) adds an extra layer of security to your account. Instead of just entering a password, you also need a second form of verification—typically a time-based code from your mobile device.

    Something you know:

    Your password

    Something you have:

    Your mobile device with authenticator app

    Even if someone steals your password, they can't access your account without the second factor.

    Why Enable 2FA?

    Prevent Unauthorized Access

    Protect against password theft

    Stop Brute Force Attacks

    Password alone isn't enough

    Secure Sensitive Data

    Extra protection for databases and files

    Peace of Mind

    Know your site is secure

    Setting Up 2FA in cPanel

    Step 1: Install Authenticator App

    Install an authenticator app on your smartphone:

    Google Authenticator

    Simple and reliable, available on iOS and Android

    Authy

    Multi-device support, cloud backup available

    Microsoft Authenticator

    Works with Microsoft accounts, backup features

    1Password

    Password manager with built-in 2FA

    Step 2: Access Two-Factor Authentication in cPanel

    1. Log in to your cPanel account
    2. Scroll to the "Security" section
    3. Click "Two-Factor Authentication"

    Step 3: Configure Two-Factor Authentication

    1. Click "Set Up Two-Factor Authentication"
    2. You'll see a QR code and a setup key
    3. Open your authenticator app
    4. Tap "+" or "Add Account"
    5. Choose "Scan QR Code" (or enter setup key manually)
    6. Point your camera at the QR code on screen

    Step 4: Verify Setup

    1. Your authenticator app now shows a 6-digit code
    2. This code changes every 30 seconds
    3. Enter the current code in cPanel
    4. Click "Configure Two-Factor Authentication"

    Step 5: Save Recovery Codes

    Critical: Save These Codes!

    cPanel will display backup recovery codes. Print them and store them in a safe place, save them to a password manager, or store them in secure cloud storage. You'll need these if you lose your phone.

    Logging In with 2FA

    1. Go to cPanel login page
    2. Enter your username and password as normal
    3. Click "Log in"
    4. You'll be prompted for a security code
    5. Open your authenticator app
    6. Enter the 6-digit code shown
    7. Click "Verify" or press Enter
    8. You're now logged in!

    Time Sync Important:

    Codes are time-based and change every 30 seconds. Your device time must be accurate. Enable automatic time sync on your phone.

    Using Recovery Codes

    When to Use:

    • Lost or broken phone
    • Authenticator app deleted
    • Can't access authenticator for any reason

    How to Use:

    1. At the 2FA prompt, look for "Use Recovery Code" option
    2. Enter one of your saved recovery codes
    3. Each code works only once
    4. After login, set up 2FA again on new device

    Managing 2FA Settings

    Regenerate Recovery Codes

    In the Two-Factor Authentication section, click "Regenerate Recovery Codes". Old codes are invalidated. Save the new codes securely.

    Reconfigure 2FA

    Click "Reconfigure" to get a new QR code. Scan with your authenticator app. Use when getting a new phone or switching apps.

    Disable 2FA

    Click "Remove Two-Factor Authentication" and confirm.

    Warning: Only disable 2FA if absolutely necessary. Your account becomes less secure.

    Troubleshooting 2FA Issues

    Code Not Working

    Common causes:

    • Time sync issue on phone
    • Entering expired code (they change every 30s)
    • Wrong account selected in app

    Solutions:

    • iPhone: Settings → General → Date & Time → Set Automatically
    • Android: Settings → System → Date & Time → Automatic
    • Wait for a fresh code (don't use one about to expire)

    Lost Phone / Can't Access Authenticator

    1. Use a recovery code to log in
    2. Once logged in, reconfigure 2FA on new device
    3. Generate new recovery codes
    4. If no recovery codes, contact hosting support

    2FA for WordPress Sites

    Enable 2FA for WordPress admin login separately:

    Recommended WordPress 2FA Plugins:

    Wordfence

    Includes 2FA feature, free tier available

    Two Factor Authentication

    Simple setup, Google Authenticator support

    WP 2FA

    Comprehensive solution, multiple methods

    Best Practices for 2FA

    Recovery Code Management:

    • Store in 2-3 different secure locations
    • Print and keep in safe
    • Encrypted file in cloud storage
    • Store as secure note in password manager

    Device Management:

    • Use authenticator on device you regularly have
    • Consider Authy for multi-device support
    • Keep authenticator app updated
    • Have backup device configured (if app supports)

    Account Security:

    • Still use strong, unique password
    • Change password periodically
    • Don't share recovery codes
    • Monitor login activity

    When to Reconfigure:

    • Getting new phone
    • Switching authenticator apps
    • Concerned about security breach
    • Codes stop working consistently