This site utilizes JavaScript to function correctly. Looks like it's disabled on your browser. Please enable it for your best experience.

For instructions on enabling JavaScript, click here

Skip to main content
Search

Just Host Web Hosting Help

Two-Factor Authentication

Two-factor authentication, also known as 2FA or two-step verification, is an optional feature designed to prevent anyone but you from accessing your hosting account by requiring two forms of identity verification: your password and an authentication code. 2FA is ideal for anyone looking to increase their account security because stealing your password isn't enough for a hacker to access your account. They would also need access to your mobile device or email account, depending on how you set it up.

This article explains everything you need to know about two-factor authentication and how you can use it on your account.

How Does It Work?

Once two-factor authentication is enabled, logging in to your account will work a bit differently. You'll enter your Just Host username and password as usual, and then you'll be prompted to enter a 2FA authentication code which you'll get from an app on your mobile device or your email. Enter the 6-digit single-use code to complete the login process and access your account. Google Authenticator refreshes the code every 30 seconds, but the refresh rate varies per app. Regardless of the refresh rate, each code is valid for 5 minutes.

You'll be prompted to provide an authentication code in three situations:

  • When a login attempt is made.
  • Upon an attempt to enable or disable two-factor authentication.
  • To validate you're an authorized user on an account when you contact one of our support teams for assistance. In this situation, the authentication code is referred to as a validation token.

Access Two-Factor Authentication

Older Accounts
  1. Log in to your Just Host account.
  2. Click the Accounts menu at the top of the page.
  3. Click Passwords in the submenu.
  4. Scroll down to Two-Factor Authentication.
Newer Accounts
  1. Log in to your Just Host account.
  2. Click the accounts icon in the top right-hand corner of the page, then choose the Validation Token option.
  3. Scan the QR Code with the Google Authenticator App
  4. Click 'here' to complete the setup.

Enable Two-Factor Authentication

Two-factor authentication can be enabled separately for the main account password, the billing password, and each hosting password. However, you can only enable it for the password you used to log in to the account.

Mobile Device Setup

Most users prefer to use an authenticator app (like Google Authenticator) on their mobile device to retrieve the code for 2FA. An authenticator app allows you to access the code at any time, even without internet access. After you've installed an authenticator app, follow the steps below to set up 2FA and link your Just Host account to your device:

  1. Use the authenticator app to scan the QR code or manually enter the Secret Key to add your Just Host account to your device.
  2. Enter the 6-digit code displayed in the app and click Verify Token.

Email Setup

If you'd prefer to receive authentication codes by email, you can set up 2FA to send authentication codes to the email address of your choice. To make your account more secure, we recommend using an email address different from the one listed in the Account Profile.

  1. Access the Two Factor Authentication settings.
  2. Next to "Don't have a smartphone?" Click Click Here to be taken to email setup.
  3. Enter your email address and click Update to have a code emailed to you.
  4. Check your email for the authentication code.
  5. Enter the 6-digit code found in the email and click Verify Token.

How to Disable Two-factor Authentication

You can disable two-factor authentication by following these steps:

  1. Access the Two Factor Authentication settings.
  2. Click Disable Two-Factor Authentication.
  3. Enter the current authentication code and click Disable Two-Factor Auth.

Frequently Asked Questions

Why do I need to enable two-factor authentication?

You don't need to enable two-factor authentication; it's entirely optional. However, it's more common than you realize for a hacker to gain access to your password, so requiring an extra step will protect your account from unauthorized access.

Can I use a different two-factor smartphone application to do this?

Yes, there are several authenticator apps that can be used for this purpose; Google Authenticator is just one we prefer.


I entered the code but then I was redirected to the login screen. What's going on?

The code you entered is outdated or invalid. Individual codes are valid for about 5 minutes, even though Google Authenticator will refresh every 30 seconds and other apps may refresh at a different rate. Check the app or your email to be sure you're using the most recent code. If you have multiple accounts set up on the mobile app, make sure you're using the code for the correct account and that there aren't any spaces.


I'm locked out of my account and can't get a new code. What do I do?

This can happen if you've deleted the account from Google Authenticator (or the app of your choice), if you lost your phone, or for various other reasons. But we can help! Please contact the Billing Department for further assistance.


Will this prevent my websites from being hacked?

No. Enabling two-factor authentication prevents unauthorized persons from accessing your hosting account, but won't prevent criminals from hacking directly into your website by exploiting vulnerabilities in outdated scripts or plugins.


What else can I do to strengthen my account security?

There are many ways that you can keep your account safe. Here are a few tips:

  • Keep your software and scripts up to date.
  • Don't reuse passwords.
  • Don't share your account’s password with anyone.
  • Use a password manager.
  • Don't click the links in suspicious or unexpected emails.
  • Be careful of what you download from the internet.
  • Beware of phishing attempts
Knowledgebase Article 213,841 views bookmark
share
Share or save this via:
tags: account password security


Was this resource helpful?
Helpful Unhelpful


Did this resolve your issue?
Solved Unsolved


Please add any other comments or suggestions about this content:





Recommended Help Content

Office 365: Multi-Factor Authentication
Office 365 requires admins users to set up multi-factor authentication before they can use the account. If customers do not set up their multi-factor authentication within 48 hours, they may be locked out.
Knowledgebase Article 92,323 views tags: authentication factor mfa microsoft multi office

Login Management
Accessing your account is as easy as entering your domain name and password on the login screen, or clicking one of our Single Sign-On options.
Knowledgebase Article 396,544 views tags: authentication factor login management password sign single sso

Validation Token
Validation tokens are an easy way to validate you're an authorized user.
Knowledgebase Article 167,194 views tags: account password security

Related Help Content

Basic Site Security Checklist
What can I do to increase my Site Security while hosting with Just Host?
Knowledgebase Article 421,373 views tags: antivirus basic hacked keyloggers malware php security site

Account Validation
When you call in for help with your account, the account must be validated before our support staff can assist.
Knowledgebase Article 133,776 views tags: account security support validate validation

How to Create a Strong Password
Strong passwords: How to create and use them.
Knowledgebase Article 510,182 views tags: create increase measure meter pass password strength strong

Email Accounts - Change the Mailbox Size Quota
Where do I Change my Mailbox (Size) Quota? How do I Increase or Decrease Mailbox (Storage) Quota?
Knowledgebase Article 428,785 views tags: account change decrease email increase mailbox quota size

Resetting the Password for an Email Account
Instructions for restting your Email Account's Password through cPanel or Webmail
Knowledgebase Article 607,853 views tags: email forgot password reset webmail

Password Types
This article explains the different password types for your justhost account.
Knowledgebase Article 234,359 views tags: billing cpanel hosting main password

Changing the Password for a Resold Account
How to change the password for a Resold account.
Knowledgebase Article 113,096 views tags: change password reseller resold update

Force a password change for a Resold account
How to force a resold account's owner to update their password
Knowledgebase Article 130,366 views tags: force password reseller resold whm

*Promotional pricing is for the first term only and regular rates apply upon renewal. 30-Day Money-Back Guarantee does not extend to domain names.

** Google ad credits are only available to customers in the United States, Canada, and the United Kingdom at this time.

¹ VAT (Value Added Tax) is not included in our advertised price and will be charged separately and itemized on invoices and billing information. Standard VAT rates based on EU Member State regulations may apply. Learn more.