You can no longer depend on a username and password to keep you safe.
With all the data breaches, malware, and phishing scams making rounds across the Internet you just have to assume someone is going to get your password (if they don't already have it).
Because of this, I would highly recommend enabling two-factor authentication on all your important logins including cPanel, Web Host Manager, and Pakiwebhost client portal.
What Is Two-Factor Authentication
Two-factor authentication adds an extra layer of security across your accounts requiring a unique pin code from your smartphone device after you successfully enter your username and password.
For example, if you have it enabled on Pakiwebhost, you'll see this screen after you enter your username and password:
You would then open up the Google Authenticator app on your phone and enter the unique six-digit code that is shown.
This code expires every 30 seconds and re-generates.
You'll notice above, you're given a back-up code when you set it up that you can use incase your device is lost or stolen.
You'll want to write this code down and store it somewhere safe (don't store it on your computer).
How To Enable Two-Factor In cPanel
To enable on your cPanel account, you'll simply login to cPanel -> Two-Factor Authentication:
You'll then want to click the link to Set Up Two-Factor Authentication:
For the next step, you'll need to have one of the supported smartphone apps:
- For Android™, iOS®, and Blackberry® — Google Authenticator™
- For Android and iOS — Duo Mobile
- For Windows® Phone — Authenticator
Personally, I recommend Google Authenticator as I've used it for many years with great success (if possible).
Next, you'll need to scan the QR code or enter the information manually:
Once setup on your phone, you'll need to verify the six-digit security code generated by the app:
That's it!
Next time you login to cPanel using your username and password it'll ask for your two-factor security pin.
How To Enable Two-Factor In Web Host Manager
For our Resellers and VPS hosting customers, you can also enable inside of Web Host Manager -> Two-Factor Authentication:
Next, click on Manage My Account -> Set Up Two-Factor Authentication:
You'll then follow the same steps listed above (download smartphone app, scan/enter QR information, confirm security pin).
If your customers set this up, you can help them manage it (i.e. remove access) using the Manage Users tab:
How To Enable Two-Factor In Pakiwebhost
We were one of the first web hosts/domain registrars to begin allowing two-factor authentication in our client area.
We feel very strongly about this as this is the place you keep all your precious domain names, hosting packages, and billing information.
You can enable by logging into our Client Area -> Security Settings:
To enable, click the green Click here to Enable button:
Our setup wizard will then guide you through the process:
As above, you'll be given a QR code to scan or code to manually enter into your app:
Next, enter the six-digit code on the app to confirm:
Finally, you'll be given your backup code. Please remember you should NEVER store this on your computer and should write it down somewhere safe:
That's it! Next time you login to your Pakiwebhost account, you'll be asked to verify your unique six-digit pin code.
How To Enable Two-Factor Authentication
I've filmed a video tutorial on our official YouTube channel to also walk you through:
Don't let this be something you neglect to do! This is the most important security measure on your account and will help keep everything safe and secure!
Let me know if you run into any issues!