Knowledgebase

YubiKey

YubiKey is a hardware-based two-factor authentication (2FA) device that provides an additional layer of security for accessing online platforms, including WHMCS. It generates one-time passcodes (OTP) that users must enter along with their regular login credentials. Here's how you can set up YubiKey for administrators in WHMCS:

Setting Up YubiKey for WHMCS:

  1. Purchase and Set Up YubiKey:

    • Acquire YubiKey devices for each administrator who will use them for authentication.
    • Follow the manufacturer's instructions to set up the YubiKey for use with OTP.

  2. Install YubiKey Plugin for WHMCS:

    • Download and install the YubiKey plugin for WHMCS from the WHMCS Marketplace or directly from the Yubico website.

  3. Configure YubiKey Plugin:

    • In your WHMCS admin panel, go to "Setup" > "Addon Modules".
    • Locate the YubiKey module and click "Activate".

  4. Configure API Key:

    • Obtain an API key from the Yubico website by creating a new Yubico account or logging in to your existing one.

  5. Enter API Key in WHMCS:

    • In the YubiKey module settings, enter the API key provided by Yubico.

  6. Set Up Users in Yubico:

    • In the Yubico admin panel, add the users who will be using YubiKey for authentication.

  7. Configure User Accounts in WHMCS:

    • In WHMCS, go to "Setup" > "Staff Management" > "Administrators".
    • Edit the administrator accounts you want to enable YubiKey for.

  8. Enable YubiKey for Administrators:

    • In the administrator's profile, locate the "Two-Factor Authentication" section.
    • Choose "YubiKey" and enter the Public Identity of the corresponding user in Yubico.

  9. Testing YubiKey:

    • Log out of your WHMCS admin panel and log in again. You should be prompted to authenticate using YubiKey.

  10. Authenticate with YubiKey:

    • Insert your YubiKey into a USB port or follow the manufacturer's instructions for the specific YubiKey model you have.

    • Press the YubiKey button to generate an OTP. The OTP will be automatically entered into the authentication prompt.

    • If successful, you will gain access to the WHMCS admin area.

Best Practices for Using YubiKey:

  • Encourage 2FA Use: Encourage all administrators to use YubiKey for two-factor authentication.

  • Recovery Codes: Some 2FA setups provide recovery codes. Encourage administrators to store these codes securely in case they are unable to access their 2FA device.

  • Education and Training: Provide training on 2FA and its benefits to all administrators.

By setting up YubiKey with WHMCS, you add an extra layer of hardware-based security to your admin area, helping to protect sensitive information and prevent unauthorized access.

  • 0 Users Found This Useful
Was this answer helpful?

Related Articles

Downloading WHMCS

To download WHMCS (WebHost Manager Complete Solution), follow these steps: Visit the WHMCS Website: Go to the official WHMCS website at https://www.whmcs.com/. Navigate to the Download...

Installing ionCube Loader

ionCube Loader is a PHP extension that allows you to run encoded and secured PHP files. If you need to install ionCube Loader, follow these general steps: Download ionCube Loader: Visit the...

Creating a Database

Creating a database involves several steps, including planning, choosing a database management system (DBMS), designing the schema, and implementing it. Here's a step-by-step guide to help you...

Database Privileges

Database privileges are permissions that control what actions users or roles can perform within a database. These privileges ensure that only authorized users can access, modify, and manage the...

Installing WHMCS

WHMCS (WebHost Manager Complete Solution) is a popular billing and automation platform for web hosting companies. Here's a step-by-step guide to help you install WHMCS: Download WHMCS: Go...