How to use Google Authenticator to enable Two-Step Authentication (2FA)



To enhance the security of your web hosting account, users can optionally enable Two-Step Authentication (2FA) as an additional safety precaution when logging into the DirectAdmin web control panel.



In order to use Two-Step Authentication you need to download the Google Authenticator App for your phone (or equivalent), and scan in the QR code.

Before you begin, please confirm your mobile device system clock is in sync.

  1. Please install Google Authenticator in your mobile device
    • Android users can download Google Authenticator from the Google Play Store
    • iOS users can download Google Authenticator from the Apple App Store
  2. Login to DirectAdmin and click Advanced Features > Two-Step Authentication
  3. Optional: Users of the "Enhanced" theme for DirectAdmin can click on the Password link. In the Password page click Two – Step Authentication
  4. Click Generate Secret, the system will generate a QR code
  5. Now, please turn on your Google Authenticator and tap on the red + icon
  6. Scan the QR Code
  7. Go back to the DirectAdmin control panel from where you can test whether your code is valid or not
  8. If the QR code is valid, you can enable “Two-Step Authentication” by placing a checkmark at "Require valid Two-Step Authentication code to login"
  9. Set API permissions if required and enable failed login notifications
  10. Click Save



Scratch Codes

You can also add Scratch Codes that can be used in case of emergency when you don't have access to your phone. Press the Add Codes button to generate the scratch codes.

You will have to choose an expiry date for the scratch codes. Enter a desired expiration date and press the Add Codes button again. A table of generated codes will appear. Write them down or print them by pressing the Print button.




    • Screen captures of QR codes, kept in a safe place can be useful in case you lose your mobile device. You can use another device to complete the same procedure to recover access to your account.
    • The code will be updated once every minute approximately
    • Ensure that the system time of your mobile device is in sync. Google authenticator uses system time and QR codes to generate your one-time code


For Google Authenticator installation, please refer to


  • 0 Users Found This Useful
Was this answer helpful?

Related Articles


This document provides information about subdomains. Topics include creating subdomains, removing...

How Do I Create an autoresponder?

  Autoresponders are e-mail robots that reply to all incoming messages with a standard outgoing...

Install and generate a Private Key for SSL Certificates with DirectAdmin

This section covers: Certificate installation requirements How to use the server's shared...

E-Mail Setup in DirectAdmin

This article covers: How to create e-mail accounts How to set a catch-all address vacation...

Create FTP Accounts in DirectAdmin

  Creating FTP Accounts To create an FTP account, first click on the "FTP Managment" link under...