
Require 2FA Entry for root before Disabling or Removing 2FA for root (Two Factor Authentication)

Tanner W. shared this idea 5 years ago
Open Discussion

To follow industry best practices, it is common to require additional authentication before allowing password-related changes (similar to enabling or disabling 2FA). I would suggest that for the root account, even from an active session by the root account in WHM, the root account must enter the current 2FA code before disabling 2FA is allowed (similar to how a Google Account requires the user to enter the active 2FA code as they set up and enable 2FA the first time around, to confirm they've set it up right before permanently requiring the user to enter 2FA from then on).
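The step-up check requested above, sketched as an added example that is not part of the original post and is not cPanel or WHM code. The `Account` class and the `verify_totp` and `disable_2fa` functions are hypothetical names; the code assumes RFC 6238 TOTP with HMAC-SHA1, 30-second steps and 6 digits.

```python
import hashlib
import hmac
import struct
import time

STEP = 30      # seconds per TOTP time step (RFC 6238 default)
DIGITS = 6

def totp(secret: bytes, counter: int) -> str:
    """RFC 6238 TOTP (HMAC-SHA1) for a given time-step counter."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                      # dynamic truncation (RFC 4226)
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** DIGITS).zfill(DIGITS)

def verify_totp(secret, code, now, last_used=-1, skew=1):
    """Return the matching time-step counter, or None.
    Steps at or before last_used are rejected so a code cannot be replayed."""
    current = int(now) // STEP
    for counter in range(current - skew, current + skew + 1):
        if counter > last_used and hmac.compare_digest(
                totp(secret, counter).encode(), code.encode()):
            return counter
    return None

class Account:                                   # hypothetical account record
    def __init__(self, secret: bytes):
        self.secret = secret
        self.tfa_enabled = True
        self.last_counter = -1

def disable_2fa(account, session_authenticated, code, now=None):
    """Disable 2FA only if the live session ALSO presents a current code."""
    if not session_authenticated or not account.tfa_enabled:
        return False
    now = time.time() if now is None else now
    counter = verify_totp(account.secret, code, now, account.last_counter)
    if counter is None:
        return False     # a valid session without the second factor stops here
    account.last_counter = counter
    account.tfa_enabled = False
    account.secret = None                        # discard the enrolled secret
    return True
```
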
