Set Up Two-Factor Authentication in Webmail

Here, we cover the steps to enable or disable two-factor authentication (2FA) for the Roundcube webmail client in cPanel.

Two-factor authentication (2FA) is an improved security measure that requires two forms of identification: your password and a generated security code.

When 2FA is enabled, an app on your smartphone supplies a code you must enter with your password to log in.

IMPORTANT: This feature is only available in cPanel version 114 and newer. It must be enabled in WHM.

Related Articles

Check Email in Webmail
Change Email Password
Set Up Two-Factor Authentication in cPanel
Set Up Two-Factor Authentication in WHM

Enable 2FA

1. Log into Webmail
2. From the Webmail management screen, click on Two-Factor Authentication
   
   NOTE: If the email account has been configured to open the inbox upon login, you will need to click the Webmail Home button.
   
   
3. Click the Set Up Two-Factor Authentication button
   
4. Scan the QR code with a supported time-based one-time password (TOTP) app, such as Google Authenticator, on your smartphone
   
   NOTE: Alternatively you can enter the Account and Key details from the section below the QR code into your authenticator app to configure it manually.
5. Enter the security code generated by your authenticator app in the Security Code field
   
   NOTE: You must enter the security code within 30 seconds. After time expires a new code will be generated.
6. Click the Configure Two-Factor Authentication button

Disable 2FA

1. Log into Webmail
2. From the Webmail management screen, click on Two-Factor Authentication
   
   NOTE: If the email account has been configured to open the inbox upon login, you will need to click the Webmail Home button to access the Webmail management page.
   
3. Click the Remove Two-Factor Authentication button
   
4. Click the Remove button to confirm