Require 2FA

Two-Factor Authentication (2FA) enhances security by adding a second step to the login process. It combines something that you know (for example, your password) with a second factor, typically from something that you have (for example, your phone). Requiring both to log in decreases the threat of a leaked password.

By default, 2FA is optional when you configure it, but admins can choose to require it for all admins and users on the WHMCS installation.

Before users can configure 2FA, you must activate at least one service and configure it globally at Configuration () > System Settings > Two Factor Authentication.

Require Two-Factor Authentication

To require users and admins to configure 2FA on their next login:

  1. In the Admin Area, go to Configuration () > System Settings > Two Factor Authentication.
  2. Under Global Two-Factor Authentication Settings, check the desired options.
    Settings to force 2FA use
  3. Click Save Changes.

The next time that each user or admin logs in, the system will require them to set up 2FA.

Last modified: October 30, 2024