Two-factor authentication is a method to significantly increase the security of your cPanel account by requiring both the cPanel password and a 2nd security token when signing in.
This helps prevent a compromised cPanel password from being used to compromise your cPanel account as the attacker will need the authenticator which randomly generates a new code every 60 seconds.
2FA is not a substitute for a weak password!
Steps to Enable 2FA:
1. Sign into cPanel and click on the ‘Two-Factor Authentication’ tool
![](https://cdn.cpanel-help.com/wp-content/uploads/2021/08/dashboard-twofa.png)
2. Click on ‘Set Up Two-Factor Authentication’
![](https://cdn.cpanel-help.com/wp-content/uploads/2021/08/enable.png)
3. Scan the QR code with your authenticator app on your mobile phone or authentication device
ie Google Authenticator
![](https://cdn.cpanel-help.com/wp-content/uploads/2021/08/scan-2fa.png)
Your authentication device should now have a new code for the cPanel account
![](https://cdn.cpanel-help.com/wp-content/uploads/2021/08/code.png)
4. Enter the current security code from the authenticator into the box, and click ‘Configure Two-Factor Authentication’
If you are not fast enough and the code change, you will have to re-enter it!
![](https://cdn.cpanel-help.com/wp-content/uploads/2021/08/configure.png)
5. You should now get a ‘Success’ message
![](https://cdn.cpanel-help.com/wp-content/uploads/2021/08/success.png)
6. Sign Out and Sign back in to confirm you are prompted with a 2FA prompt after entering in your cPanel Password
![](https://cdn.cpanel-help.com/wp-content/uploads/2021/08/2fa_prompt.png)
To Remove 2FA, Open up the ‘Two-Factor Authentication’ tool and click ‘Remove Two-Factor Authentication’
![](https://cdn.cpanel-help.com/wp-content/uploads/2021/08/remove.png)