How to enable Two-factor Authentication (2FA) for WHM

Safeguarding your WHM (Web Host Manager) login is paramount for fortifying your server against unwanted intrusions. A highly recommended method to bolster this defense is the activation of Two-Factor Authentication (2FA). This security measure necessitates users to provide a dynamically generated code from an authenticator application, beyond their standard password, thus introducing a significantly stronger barrier. This tutorial will meticulously guide you through the entire procedure for setting up 2FA within WHM.

The following are required:

• Access as a WHM administrator.
• A smartphone or device with an authenticator application installed (examples include Google Authenticator, Authy, Microsoft Authenticator).
• An uninterrupted internet connection for authentication setup.

Step 1. Log in to WHM

Step 2. Navigate to Two-Factor Authentication

Upon entering your WHM interface, direct your attention to the lower portion of the page to find the 'Security Center.' Within this section, select the 'Two-Factor Authentication' option.

Step 3. Set Up Two-Factor Authentication

Begin by turning on this security feature. Next, access your account settings by clicking on the "Manage My Account" tab, followed by selecting the "Set Up Two-Factor Authentication" option.

Step 4. Set Up Authenticator App

• Please authenticate by scanning the presented QR code with your designated two-factor authentication application.
• Enter the security code generated by your two-factor authentication app.

Step 5. To finish setting up two-factor authentication, please click "Configure Two-Factor Authentication."

Step 6. Upon your next sign-in to WHM, you will be prompted to furnish a two-factor authentication code.

To significantly bolster your server's defenses against unauthorized entry, it's essential to activate two-factor authentication within WHM. This guide will walk you through the process, effectively strengthening your WHM account's security and guaranteeing that only individuals possessing the valid authentication code can gain access.

Updated on: 15/10/2025