How to Add Two-factor Authentication to cPanel and WHM

Simple tutorial on adding two-factor authentication on your web hosting's control panel to further secure your website.

Adding an extra layer of protection to your website is always a good idea. It makes it harder for hackers to penetrate through your backend and gain access to things you don’t want them to. In this post, I’m going to show you how to add two-factor authentication (2FA) to your web hosting’s control panel – cPanel.

Before we get started, here are a couple of things you will be needing:

  • Access to your web hosting’s cPanel and WHM.
  • Smartphone with a time-based one-time password (TOTP) app installed.

Once you have both these things, you can start the process by following the steps below.

1. Log in to WHM.

whm screen

2. Look for the "Security Center".

whm security center

3. Under Security Center, look for "Two-Factor Authentication".

whm two factor authentication

4. Toggle on Two-Factor Authentication by clicking on the off button. Once this is done, the red dot will turn green. Now click Save.

turn 2fa own

5. Go to "Manage My Account" tab and scan the QR code given there with your TOTP app on your smartphone.

manage my account step 1

6. Enter the 6-digit security code from your TOTP app back to "Security Code" under Step 2. Next, click "Configure Two-Factor Authentication"

manage my account step 2

Two-factor authentication is now set up. Let’s keep this browser window open. In case anything goes south, you can easily disable the two-factor authentication right away.

Test 2FA

Now let’s test if it’s working properly.

1. Open a new browser and go to your website’s cPanel URL. The URL should be either, or Now log in with your credentials.


2. You should be prompted to enter the security code. Get the 6-digit security code from your smartphone’s TOTP app, enter and click "Continue"

cpanel security code

If you’re able to login to your cPanel page, that means it worked!