Two-Factor Authentication (2FA) enhances security by adding a second step to the login process. It combines something that you know (for example, your password) with a second factor, typically from something that you have (for example, your phone). Requiring both to log in decreases the threat of a leaked password.

Enable 2FA Globally #

To enable Two-Factor Authentication globally for your WHMCS installation:

1. Go to Configuration () > System Settings > Two Factor Authentication.
2. Click Activate under the service that you would like to enable.
   
3. Select or deselect the following settings to enable or disable 2FA for users and admins:
   • Enable for use by Clients (for users)
   • Enable for use by Administrative Users (for admins)
4. Configure any additional configuration settings for your chosen method.
   Duo® Security and YubiKey require additional configuration.
5. Click Save.

You can repeat these steps for each service that you want to enable.

Last modified: October 30, 2024