Keeping this in mind, we have added support for two step authentication to get into your customer portal account AND your cPanel hosting accounts. In this age of phishing attacks and identity thefts, relying on login passwords alone does not guarantee security. We employ industry standard security standards, excellent firewall software and personal monitoring but no matter how strong or complex your primary password might be, your account stands the risk of a breach if your password happens to fall into the wrong hands.
Two Factor Authentication (TFA) provides an additional layer of security around your account. As it requires two successive factors – ‘something you know’ (your password) and ‘something you have access to’ (your mobile phone, for example), it helps greatly reduce account compromises due to phishing attacks and other online frauds.
To enable TFA for your customer portal (for invoices/ordering) you need to first login to your customer portal account here with usual credentials. Then click on your name in the top right drop down menu and select 'Security Settings'. Then follow the instructions available on screen to set up TFA. Be sure to save the backup code you are presented with.
To enable TFA for your cPanel control panel (for website control) you need to first login to your cPanel account with usual credentials. Then scroll down to the 'Security' section of the cPanel homepage and click on 'Two-Factor Authentication'. Then follow the instructions available on screen to set up TFA. Be sure to save the backup code you are presented with.
Please be aware that TFA is currently only available for single use logins. If a number of staff log in to your client/cPanel account (corporate site etc) you should consider a shared device for authentication otherwise you would be unable to login if that person was not present. Once TFA is enabled with the Google Authenticator app you'll then receive a uniquely generated verification code which you should enter to complete the login process.
Optional, but highly recommended
Two Factor Authentication is completely optional. But, from security standpoint it is highly recommended. Security benefits of TFA far outweigh the minor inconvenience of having to authenticate through two successive stages.
More information on TFA
If you lose your mobile phone …
Since the second factor of authentication depends on your mobile phone, if you happen to lose your phone, you’ll lose access to account too. To circumvent this, when you set up TFA you'll receive a backup code. We suggest that you print the backup codes and keep them in a secure place.
In addition, whilst you are logged in to your client account please take the time to ensure the details we hold for you are correct, including a contact telephone number. In the rare circumstance that you lose your mobile phone and cannot locate your backup codes, you can email firstname.lastname@example.org for help and we'll get in touch with you to ensure it is you we're speaking to, to help.
We don’t recommend disabling TFA as it takes away the extra layer of security. However, if there is a pressing need, you can disable TFA for your account from the same 'Security Settings' page that you enabled it on.
We invite you to try two factor authentication to secure your account right away.
Tuesday, January 26, 2016
Powered by WHMCompleteSolution