How do I set up Two-Factor Authentication (2FA) on my WHM account?

What is Two-Factor Authentication (2FA)?

Two-factor authentication adds an additional layer of security to WHM by adding a second step to your login.

In addition to something you know (your existing password), it adds a second factor based on something you possess, known as a possession factor. In this case that will be an app on your mobile phone or desktop.

Since both are required to log in, even if an attacker has your password they can't access your account unless they also possess your phone or authentication app.

Why is Two-Factor Authentication necessary?

Passwords are often compromised when mobile devices or computers are stolen or infected with malware, or when insecure networks are used to retrieve passwords by email. They can often be guessed, they usually don't change very often, and despite being advised not to, many of us have favourite passwords that we use for more than one thing. Two-factor authentication gives you additional security because your password alone no longer allows access to your account.

Pre-requisites

You'll need a 2FA app; we tested and like Authy, which has versions for iPhone & Android devices as well as desktop versions for Mac & PC and a Chrome browser extension.

  1. You'll need to be logged in to your WHM and have a 2FA app like Authy installed before you'll be able to complete this process.
    From the Security Centre section of the left-hand menu, click on Two-Factor Authentication.
    1. Click the slider to turn the Two-Factor Authentication Security Policy on.
    2. Click the Manage My Account tab.
    3. Click Set Up Two-Factor Authentication.
  2. You'll now see the 2FA setup screen showing that the Two-Factor Authentication Security Policy is enabled. Now you need to set up your One-Time Password (OTP) app.
    Open your 2FA app and follow the instructions to add a new account. Authy have instructions for adding a new account on different devices.
  3. Once you've scanned the barcode, or added the code, the new account should appear in your app and begin generating One-Time Password (OTP) codes.
    Enter a valid code from your app and click Configure Two-Factor Authentication.
  4. You'll now see the Status for 2FA on your account set as Configured.

Remove two-factor authentication

Clicking the Remove Two-Factor Authentication button prompts you to confirm removal, after which 2FA will be disabled.

Unable to create a 2FA code or use a backup code

If you're unable to generate a 2FA code (maybe you've changed phones or no longer have access to the 2FA app) and you don't have access to your backup code, you'll need to contact support and supply the required ID, and we will disable it for you.


© Krystal Hosting Ltd 2002–