Have you ever feared that someone might gain access to your VPS web panel? Of course I have. That's one more reason to use MFA (Multi-Factor Authentication). MFA seems like a small step, but it gives your servers, and your users, much better protection. Let me describe how I use MFA to enhance security on my servers, and why I consider it worthwhile.
Advantages of MFA
Passwords are no longer sufficient. A hacker can easily guess a password, or even steal it. MFA provides one more layer of authentication before someone is allowed to log in or perform an action. Even if a hacker steals your password, they will still have to get the second factor to log in. Think of MFA as a double lock on your front door; it will not keep out a determined intruder, but it gives you an extra layer of security.
Best Practices for Using MFA
There are a number of methods for using MFA, and here are the most common methods I use and recommend.
• Authenticator Apps: Apps like Google Authenticator, Authy, etc. These methods are fast and standalone, meaning you do not need to be connected to the Internet for them to work.
• SMS or email codes: These methods are generally easy to use, but codes can be intercepted.
• Hardware keys: A physical key like a YubiKey. While these can be the safest, they can be more expensive.
For day-to-day logins, I use authenticator apps. For my primary admin accounts, I also have a hardware key set up. This provides me with a lot of peace of mind.
How To Enable MFA in Your Web Panel
Most popular web panels such as cPanel, Plesk, or Webmin already support MFA, and the process is simple to follow:
- Log in to your panel and go to your security or account settings.
- Enable MFA and select an option - app, SMS, hardware key, etc.
- Follow the instructions and scan your QR code directly from the app on your phone.
- Once you have set MFA up, check that you can log in from a second device as a test (if using SMS or email, make sure it is a different type of MFA code).
Tips for the Best Use of MFA
MFA can be even easier to use if you plan ahead:
- If you're using more than one of the same device (say, two phones or tablets), rename each device to keep track.
- Create your recovery information and keep it up to date.
- Consider strong passwords in addition to MFA to maximize security.