Two-Factor Authentication (2FA)

Two-factor authentication (2FA) is an additional layer of protection to secure your account against unauthorized logins even in the event that someone knows your password. SiteHost recommends 2FA be enabled for all accounts.

How Does It Work?

With 2FA enabled, you are required to provide something you know (your password) and something you have (your mobile phone) in order to log in.

When you login to the SiteHost Control Panel, you will enter your username and password as usual. You will then be prompted to enter a 6 digit code that is generated from an app like Google Authenticator from your iOS or Android phone. Alternative TOTP compatible apps such as Authy are also supported.

How Do I Enable 2FA?

Install your preffered 2FA app.
Log in to the SiteHost Control Panel.
Click Account from the left menu.
Select Two Factor Auth from the navigation tab.
Click the Add 2FA Method button in the top right.
Open your 2FA app and follow the steps.
Enter the 2FA code generated by your app.
Click Activate 2FA.

How Do I Disable 2FA?

Install your preffered 2FA app.
Login to the SiteHost Control Panel.
Click Account from the left menu.
Select Two Factor Auth from the navigation tab.
Find the 2FA method you want to disable and click the remove icon.
You may be prompted to enter your 2FA code if it is activated as a security precaution.

Frequently Asked Questions

I Lost My Phone or My Code Doesn't Work

Please contact us over phone or email. Be prepared to provide proof of account owenership.

My 2FA Method Says "PENDING ACTIVATION"?

You have added a 2FA method but have not finished the enrollment process. Click on the method and follow the instructions to activate the method.

An Expired Token Still Works?

Tokens are valid for 30 seconds each, aligned to epoch time. The standard implementation allows the code before and after the current code to account for time drift between your device and our systems.