Introducing Two-Factor Authentication

What is it?
Two-factor authentication adds an additional layer of security by introducing a second step to your login. It takes something you know (i.e.: your password), and adds a second factor, typically something you physically have (such as your phone). Since both are required to log in, in the event an attacker obtains your password two-factor authentication would stop them from accessing your account.

Why do I need it?
Passwords are increasingly easy to compromise. They can often be guessed or leaked, they usually don’t change very often, and despite advice otherwise, many of us have favourite passwords that we use for more than one thing. So Two-factor authentication gives you additional security because your password alone no longer allows access to your account.


How does it work?
Time Based One-Time passwords requires downloading an OATH application onto your smartphone or tablet, and optionally a bar-code reader. Once activated a pop-up screen will present a QR code, with optional manual code to enter into your smartphone or tablet.
Once scanned or entered, a time based one time password will appear within your OATH application providing the second form of verification used to log in.

Additionally, a backup code is presented which should be stored in the event that your smartphone or tablet is not accessible and you wish to gain access into WHMCS.


How do I enable Two Factor Authentication?
To enable Two Factor Authentication, visit https://www.whmcs.com/members/clientarea.php?action=security with your smartphone or tablet at the ready.
Click the green "Click here to Enable" button. Then follow the on-screen prompts.

  • two factor
  • 1575 Users Found This Useful
Was this answer helpful?

Related Articles

Which app do I need for Two-Factor Authentication?

Our Two-Factor Authentication uses a system called 'Time Based Tokens'. There are many compatible...

I don't have my Two-Factor Authentication device with me

Should you need to login to the client area but don't have the device upon which you configured...

I no longer have my Two-Factor device and/or backup code

On occasion you may no longer have the device upon which you configured two-factor authentication...

Powered by WHMCompleteSolution