cPanel has announced the implementation of two-factor authentication to allow users to protect their accounts; this will also be implemented in WHM version 54, and the feature will be newly available on both interfaces.
It has long been recognized that security is a critical factor when running your website, as you need to make sure your account is as secure and safe as possible. This feature has been one of the most highly requested features on features.cpanel.net and so cPanel wanted to be finally able to bring it to their customers.
After introducing two-factor authentication for their current release tier, cPanel received some concerns from third-party integrators about changes which were being made to the API system. So, they decided to respond to this by extending their Two Factor Authentication system to the API as well; this will increase the overall security of the accounts of cPanel, and it will also prevent a loophole which could allow the Two Factor Authentication to be bypassed.
We decided to extend our Two Factor Authentication system to the API to help increase the overall security of your account and prevent a loophole that would essentially bypass Two Factor Authentication.
This is more complicated the API calls from cPanel's third-party integrators which these integrators use to manage resources controlled by cPanel and WHM. This might cause many third-party applications actually to break, for users with accounts which had Two Factor Authentication enabled.
For the time being, to help mitigate issues this may cause, access to the two-factor authentication functionality has been temporarily hidden:
To help mitigate this breakage and give our integrators time to update their applications we have hidden access to the interface in the WHM User Interface. Root administrators can enable the UI by creating a touch file through the command
The Importance of Two-Factor Authentication
Two-factor authentication, commonly abbreviated to 2FA, is a security measure which adds a new level of security to your login procedure. Usually, with an account which has not got 2FA, you just enter a username and a password, and this is the extent of the verification of who is logging in to your account. Having 2FA means that you not only have the first factor of authentication, which is your password, but you also have another layer.
This layer might be:
- Something you know: This might be a personal identification number (PIN) or another password, or a pattern.
- Something you have: This might be an ATM card, a phone number, or a fob.
- Something you are: This would be something like a biometric detail, maybe a voice or a fingerprint.
This form of verification is not new; it has been around for a while, such as when you use your credit card or log in to your online bank account. It can implement a much higher level of security in your account, and makes it much less vulnerable to hackers because you are using an extra stage in the security process.
How To Implement Two-Factor Authentication In cPanel
To enable the Two Step Authentication UI on your system is simple: just enter the following command:
touch /var/cpanel/enable_twofactor_ui && /usr/local/cpanel/whostmgr/docroot/themes/x/rebuildtmpl
cPanel warns this may cause some third-party applications to break significantly and cause applications to store improperly data. That being said, you should have no difficulties with a standard installation.
CPanel also says that when hosts should take some time out of their schedule and test their various applications with Two Step Authentication.
The need for cPanel to implement Two Step Authentication has long been called for, and so the news will be welcome for many.