SiteGround is the most popular hosting company. As popular they have amazing features same as other premium hosting providers have. 2 Factor Authentication also known as 2FA protection is one of them. In this article, you will talk details about how you can login to SiteGround using 2FA and secure your cPanel or Hosting which prevents being hacked.
Know First, What is 2FA?
Two-factor authentication (2FA), often abbreviated to “2FA”, means that when logging into a SiteGround account you will need more than just your user name and password. The extra requirement is an additional piece of information known only to you (and not necessarily connected with your SiteGround account). This ensures
You are the only person who knows this special data or can access it directly on your smartphone/tablet. This means that even if someone gets hold of your login details, they cannot log in without also having hold of the second factor; this information does not exist on any servers at any time and is never stored anywhere except locally on your device(s).
The second factor may be either:
a. Something you have. For example, an app or a device that displays a unique code.
This is the most popular type of 2FA in use today since it’s by far the easiest one to set up and has no major drawbacks. The main point of difference between various services that support this method of 2FA is how they handle the second step after logging in (in other words, after entering your login + 2nd-factor credentials).
These are two examples:
- The user is redirected into SiteGround landing page where they enter their application-generated authentication code before being granted access to their account. Some apps even allow you to save this single-use code for future logins when offline; more on this later.
- The user is redirected into a SiteGround landing page where they enter their application-generated authentication code and then are logged into their account automatically (without the need to use the “cancel” button). Other apps will make you manually cancel out of the login process if you don’t want to log in right away; this way you can save one set of 2FA credentials for later use, but must generate a new set when logging in. Both such setups are far from ideal since they allow people who have hacked your device or obtained access to your session on another system to easily log in and gain access to your SiteGround account without so much as creating an actual second factor for themselves.
For this reason, we advise you to use the first option for accessing your SiteGround accounts with 2FA. If you use Windows, there is a small application that adds an entry to your right-click context menu called “Generate code”; you can find it on the Google Code website or here. This will allow you to quickly generate and copy authentication codes without having to go through any app setup — just make sure that this app is not disabled on your device if you plan to enable two-factor authentication with something else!
Something you are. For example, a fingerprint or voiceprint reading from a microphone.
This method is more secure than using something you have (although both have advantages), however depending on factors such as ambient noise level and whether your computer’s microphone is properly calibrated, it may not be the best option for everyone. If you’re running Windows, there is an app that can help you set up a voice recognition system for your device.
With 2FA enabled and configured properly, attackers will need access to both: your login credentials ( which they might have obtained through any of various means ) AND also the physical device(s) on which you use your 2FA authenticator app(s). If you do happen to lose control of even one of these things, you should always immediately disable 2-factor authentication by emailing our support team or contacting them via live chat. That way if someone gets hold of your login details in the future — and presuming they don’t know about disabling 2-factor authentication — all they’ll be able to do is lock you out.
Login to SiteGround using 2FA mobile device app
In order to use this method of 2FA with your SiteGround account, you need:
Your SiteGround login credentials A Google Authenticator application for the device from which you will be accessing your SiteGround hosting account. You can install it on an Android phone or tablet, iPhone or iPad, Windows Phone 7 and 7.5 or 8 , BlackBerry ( no BB10 support yet ), and even Symbian. The only exception here is if you’re accessing your account through cPanel’s web interface; in that case, installing an authenticator app won’t help since cPanel does not currently offer 2FA as an option.
3. Now log in to your SiteGround control panel using either the user name and password or your Yandex account credentials (same as the last section).
4 . You’ll now see an option for activating 2-factor authentication; click on that button:
5 . Okay, here you can choose between two different ways of setting things up — use the authenticator app, or use SMS messages. Click on the one you want to set up first: I personally recommend using a smartphone with a good-quality camera since it will be much less hassle later when accessing your hosting via the smartphones’ web browser. However, there’s also an advantage to using SMS messages, which is that you should be able to access your SiteGround accounts even from a brand new smartphone that you have just acquired.
a) Authenticator app method (use this!)
If you’re using an Android device, choose “Authenticator App” and click on the Next button to continue. This will bring up a screen prompting you to scan the QR code with your authenticator app’s camera:
Now open your Google Authenticator application for Android or iPhone; it should find the SiteGround server automatically. You’ll get a dialog box asking you to enter in a 6-digit number, which is shown at the bottom of your device screen; do so and then press Done: At this point, two things happen: first, a confirmation message will be sent to the email address associated with your SiteGround account. Second, you will be asked to re-enter your SiteGround login password.
Now that the SiteGround server has been added to your authenticator app, each time you log in from an Android device or iPhone, you’ll get a six-digit number to enter into the fields here; do so and click on Continue: You now need to double-check everything’s correct and finish setting up two-factor authentication by clicking on Activate Two-Factor Authentication. If all went well, after this point you should never have to grant access again; at the very least when logging in from any new Android or mobile device.
b ) SMS message method (unrecommended)
If you’re using an iPhone with cPanel installed, choose “SMS message” and click on the Next button. (Note that this option is only available for iPhone users with cPanel).
Now enter in your SiteGround account email address, which will be used to send you an activation code via SMS text. Click on Next: A confirmation will now be sent to the email address associated with your SiteGround hosting account. At this point, you’ll get a six-digit number to enter into the fields here; do so and then click Continue: And don’t forget to check off Activate Two-Factor Authentication at the bottom of the next screen!
c) Using Yandex as Secondary Auth
If you have secondary authentication enabled for your SiteGround account, then make sure it’s Yandex before continuing. If you do not have secondary authentication enabled, then skip this step. After completing steps 1 and 3-4 in the “Enter your SiteGround password” section above, you will land on a page where you can add Yandex as an additional authentication method:
If you already have Yandex configured on your account (step 2), then enter the password for Yandex here. Otherwise, click on SAVE at the bottom of the next screen to go back and complete that setup first. Now you will be directed back to the two-factor auth setup screen.
Conclusion of Login to SiteGround
As you can see, implementing a two-factor authentication system is not as difficult as it sounds. A little digging online will reveal some of the other methods used by SiteGround to keep your account safe; they include IP address-based access control, use of unique browser cookies created each time you log in, and if you’re on a shared hosting plan then limiting SSH access only to trusted computers (i.e. your own computer).
To sum up, keeping your SiteGround cPanel account secure is an absolute must – you wouldn’t want this beautiful web space taken over by someone else! So do yourself a favor and take a few minutes to get 2-factor authentication set up today. Your site security will thank you for it later!