Home WebServer PanelDirectAdmin Using Two-Step Authentication on DirectAdmin

Using Two-Step Authentication on DirectAdmin

by Thạch Phạm
Published: Last Updated on

In this article, AZDIGI will guide you on using a Two-Step Authentication feature on DirectAdmin to protect your DirectAdmin account.

I. What is Two-Step Authentication?

Two-Step Authentication on DirectAdmin is a feature where, even if you enter the correct login information to your DirectAdmin account, DirectAdmin still requires verification of the authentication code generated from Google Authentication, FreeOTP on smartphones, or Authy on computers. This feature is also known as 2FA.

And once Two-Step Authentication is enabled on DirectAdmin, it will secure your DirectAdmin account from brute force attacks.

II. Using Two-Step Authentication on DirectAdmin

To use the Two-Step Authentication feature on DirectAdmin, we need to follow the two steps below.

Step 1: Download the Google Authenticator or Authy app to your device

Depending on the operating system you are using, choose one of the following links to download:

And in this article, I will use the Google Authenticator app on my phone to authenticate login.

Step 2: Enable Two-Step Authentication on DirectAdmin

First, we log in to DirectAdmin as usual, then select the user icon and choose Password as shown below:


After accessing the next page, we will choose Two-Step Authentication to access this feature. And we will select the button Generate Secret as shown in the image below.

Enabling Two-Step Authentication on DirectAdmin for the first time.

On the information screen that appears as shown in the following image, open the Google Authenticator app on your phone and start scanning the QR code below.

The QR code must be scanned along with the security code, which you will use when you can’t access Google Authenticator.

After scanning, you will receive a real-time access code. If you pay attention, you will see the username along with the hostname of the server you are using.

Google Authenticator interface.

You can completely check your authentication code with the built-in tool on this page. If you check and receive the message as below, your authentication code is ready to use.

The two-step authentication verification tool on DirectAdmin after activating this feature.

Then, on this page, you need to check the box for Require valid Two-Step Authentication Code to login to this account.. From then on, whenever you log in to DirectAdmin with this user, it will always require the authentication code.

The Two-Step Authentication feature on DirectAdmin requires a verification code upon successful login.

Now, open the Google Authenticator app on your phone to get the login verification code. You can choose to Trust this device for 30 days, and DirectAdmin will allow your device to log in for the next 30 days without requiring a login verification code.

At this point, we have completed the process of setting up Two-Step Authentication on DirectAdmin. However, you should continue reading the rest of the article to learn more important information related to this feature.

In case you want to access DirectAdmin without going through the login verification code because you cannot access your Google Authenticator device, select the Scratch Codes page to set up backup codes.

The interface of the Scratch Codes backup codes setup page.

On this page, you select Add Codes. These codes are generated for one-time use in case of emergency when you don’t have access to your phone, so keep them safe and use them carefully. It is recommended to set the expiration date for these codes to “Never expire” as shown below:

Generating one-time backup login codes.

There will be 5 codes corresponding to 5 successful logins as shown below. And you should save these login codes somewhere else other than your phone.

Backup code when you don’t have your phone.

After you have successfully logged in, please return to the Two-Step Authentication page to generate a new login code if you want to use it on another mobile device.

Generating a new QR code.

III. Summary

Hopefully, through this article, you know how to enable Two-Step Authentication on DirectAdmin to protect your account against today’s rampant Brute Force attack and how to use backup codes to log in even if you don’t have your phone nearby.

Hope this article will be of help to you. Wishing you success!

See more useful articles about DirectAdmin at the following link:

If you need assistance, you can contact support in the ways below:

Đánh giá

Tham gia nhóm hỗ trợ Server - Hosting

Tham gia nhóm Hỗ trợ Server - Hosting & WordPress để cùng nhau hỏi đáp và hỗ trợ các vấn đề về WordPress, tối ưu máy chủ/server.

Tham gia ngay

Bài viết cùng chuyên mục

AZDIGI – Không chỉ là đơn vị hàng đầu trong lĩnh vực Web Hosting và Máy chủ, chúng tôi mong muốn mang lại những kiến thức bổ ích nhất và luôn cập nhật thường xuyên cho cộng đồng người đam mê thiết kế website, công nghệ,…

Vui lòng không sao chép nội dung nếu chưa xin phép. Designed and Developed by PenciDesign