share 2FA with multiple users

carock

Well-Known Member
Sep 25, 2002
268
9
168
St. Charles, MO
2FA is designed to identify an individual, however we only get one cPanel login per account.

To be able to have 2FA and have multiple people be able to log in, would we just save the page with the QR code and pass it around amongst ourselves?

The doc says each time you run the 2FA configuration, any previous configuration will no longer work. So each person that needs to login and still have 2FA can't each have their own 2FA "key" so to speak. Right?

Or am I completely confused and this isn't how it works at all? :)

Thanks,
Chuck
 
Last edited by a moderator:

cPRex

Jurassic Moderator
Staff member
Oct 19, 2014
10,360
1,628
363
cPanel Access Level
Root Administrator
Hey there! I suppose you technically could set something up like that, but that's not really in the spirit of great security.

I believe the section of the documentation you're referencing is this:

"2FA supports only one concurrent session for any user. If you open several browser windows to cPanel and log out in one of them, the server will log out the other windows."

so if you have multiple people trying to access it at the same time, only the most recent session will work properly.
 

carock

Well-Known Member
Sep 25, 2002
268
9
168
St. Charles, MO
I meant more like the customer paying for the account has access, then they hire a developer that they want to give access to, or they have multiple system admins there that may need access.

There wouldn't be a way that is obvious to me to be able to "share" the same cPanel account login for with all those people with 2FA enabled unless they all used the same key to setup their 2FA application.

I just wanted to verify my thinking in this scenario. I have several customers including our own business subsidiaries that have multiple people use the cPanel login for their account.

The only reason this came up is one of my customers is enabling 2FA to comply with cyber insurance "requests" and they will have this scenario where multiple people will need to be able to use the cPanel account login.

We too are going through a similar cyber insurance list of desired requirements to keep our premiums low and 2FA may also be required by our security group for the cPanel servers we use for ourselves.

I wanted to make sure there wasn't another feature or mechanism with the 2FA in cPanel I'm overlooking. And also a sanity check that I'm not just being stupid. :)

Thanks,
Chuck