Questions about enabling Two-Factor Authentication

FrankP

Registered
Mar 5, 2019
4
0
1
Trois-Rivières, Canada
cPanel Access Level
Root Administrator
Hello,

I was looking forward enabling 2FA for some accounts on my WHM server, i created accounts by creating domains such as username.user because in the documentation about creating a domainless user there was a warning discouraging people from creating those for administrator accounts as it may break something so i am unsure it was appliable for what i wanted to do so enlightenment on this matter would be appreciated but my main question was :

On this page Two-Factor Authentication for WHM - Version 74 Documentation - cPanel Documentation

There is a warning telling :
Warning:

This feature may cause some third-party applications to break significantly, and may cause applications to improperly store data.

I wanted to know if turning on 2fa and enabling it only on my username.user accounts could potentially present any risks for my other account's websites.
Also, can I enable 2FA on my root account and what would be my strategy if it's 2nd factor was to break? Can other accounts deactivate 2fa for root?

Thank you very much for your time.
If something is unclear feel free to try and reform my question as english is not my first language.
 

cPanelMichael

Technical Support Community Manager
Staff member
Apr 11, 2011
47,911
2,233
363
cPanel Access Level
DataCenter Provider
Twitter
Hello @FrankP,

I wanted to know if turning on 2fa and enabling it only on my username.user accounts could potentially present any risks for my other account's websites.
Two Factor Authentication is only applicable with cPanel and WHM logins at this time. It's not enforced when logging in to other services (e.g. SSH, FTP). Enabling it will not restrict access to individual websites served via Apache.

Also, can I enable 2FA on my root account and what would be my strategy if it's 2nd factor was to break? Can other accounts deactivate 2fa for root?
You could access the server via SSH as root and disable 2FA using the command below:

Code:
whmapi1 twofactorauth_disable_policy
Let me know if you have any additional questions.

Thanks!
 

cPanelMichael

Technical Support Community Manager
Staff member
Apr 11, 2011
47,911
2,233
363
cPanel Access Level
DataCenter Provider
Twitter

xxwillc

Registered
Mar 7, 2019
1
0
1
Montreal
cPanel Access Level
Website Owner
Hi new to the forum here

I had 2fa on whm tried to disabled it by ssh

mv -v /var/cpanel/authn/twofactor_auth/tfa_userdata.json{,.bak}; echo ‘{}’ >> /var/cpanel/authn/twofactor_auth/tfa_userdata.json

now i'm stuck with err500