Diadem Web Hosting Knowledgebase
Search:     Advanced search

Google Authenticator on plesk server

Article ID: 934
Last updated: 06 Dec, 2017
Add comment
Views: 463
Comments: 0

To enhance security further we have added a 2 Factor authentication mechanism to the Plesk panel called Google Authenticator. If you enable this feature you will be prompted for a 6 digit code whenever you access Plesk panel. You will be ask to key in this random code after you successfully have entered your login name and password.

This means that even if a hacker would have obtained your login name and password, they still cannot access Plesk panel as they don't have this code.

Do note that you do need a smart phone with the Google Authenticator app installed.

To enable Google Authenticator

1. Login to Plesk panel
2. Go to Extensions tab from left panel.
3. Install Google Authenticator plugins for Plesk.

4. Go to the Google Authenticator tab from left panel.
5. Tick the box for Enable Multi-factor Authentication.
6. Scan the QR code with your smart phone, and key in the verification code inside the input field.

Or you can use the "Could not scan the barcode?" link and configure the account name and key on Google Authenticator apps installed on your smart phone.
Manually add an account:
Enter your account name: admin@testvm.diadem-tech.com
Enter the key: W76XCFW7IKN2ICMT

7. Now put the Verification code on plesk, which is generated on your smart phone.
8. Then click OK to save.

9. The next that you will login to Plesk panel, after the login name and password you will get this pop-up window. Use your smart phone to generate the next random 6 digit code via the Google Authenticator app and key in this code in the pop-up window.

10. Click OK to login to Plesk panel.

Install and Configure an OTP smartphone app
   
We will use Google Authenticator from our mobile device, to create the confirmation code.

Apps Link for android phone: https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2&hl=en

After installing the Google authenticator, we need to choose Enter provided key and email id by manually and will get a verification code. This 6-digit code will changes after 15 seconds.

Note: Please clear Google Authenticator application's cache every 30 days to work it properly.

Issue:

1. If I have lost my phone. How can I access the Plesk panel?
If user have lost his phone, they need to change the secret account key or barcode which user have to configured at his mobiles for security reason.
1. Go to the server's backend (Shell access) and run the below given command to disable the plugin. Then you will have the direct access again to plesk panel.
2. Then client need to uninstall the security plugin and reinstall it from Extensions tab to change the secret account key or barcode which user have to configure their mobiles.

# cd /usr/local/psa/admin/plib/modules/google-authenticator
# mv /usr/local/psa/admin/plib/modules/google-authenticator /usr/local/psa/admin/plib/modules/google-authenticator-old

2. If client want to change the secret account code or barcode

If client want to change the secret account key or barcode which user have to configure their mobiles. Client need to uninstall the security plugin and reinstall it from Extensions tab.

This article was:  
Add comment
Prev   Next
How to install Wordpress through Plesk     How to install or Renew Lets Encrypt SSL