Securing Your Web Hosting Account: Best Practices for Password Management and Two-Factor Authentication

**Description:**A step-by-step guide for shared hosting customers to enhance account security, prevent unauthorized access, and implement Two-Factor Authentication (2FA) to protect your hosting resources.

Why Account Security Matters

Your web hosting account is the gateway to your websites, data, and emails. Weak passwords or poor security practices can lead to unauthorized access, data theft, or even website defacement. Taking proactive steps to secure your account is essential.

Password Management: Best Practices

1. Use Strong, Unique Passwords

Never reuse passwords across multiple accounts.
Password requirements:
- At least 12 characters
- A mix of uppercase, lowercase, numbers, and special symbols
- Avoid dictionary words, names, or predictable patterns

Example of a strong password:

Yx9!pzLr$4bqR2wE

2. Change Passwords Regularly

Update your cPanel, client area, FTP, and email passwords every 3-6 months.
Immediately change passwords if you suspect any compromise.

3. Use a Password Manager

Store and generate passwords securely with tools like Bitwarden, LastPass, or 1Password.
Avoid storing passwords in browsers or unsecured documents.

How to Update Your Hosting Passwords

Updating Your cPanel Password

Log in to your Brixly client area.
Navigate to Services > My Services and select your hosting account.
Click Login to cPanel.
In cPanel, click on Password & Security under the Preferences section.
Enter your old password, then your new strong password (see requirements above).
Click Change your password now!

Updating FTP Passwords

Log in to cPanel.
Go to Files > FTP Accounts.
Locate the FTP account to update and click Change Password.
Enter and confirm your new password, then click Change Password.

Updating Email Account Passwords

In cPanel, go to Email > Email Accounts.
Click Manage next to the email address.
Enter a new strong password and click Update Email Settings.

Enabling Two-Factor Authentication (2FA) for cPanel

2FA adds an extra layer of security by requiring a second code (usually from your mobile device) in addition to your password.

Step-by-Step: Enable 2FA in cPanel

Log in to cPanel.
Under the Security section, click Two-Factor Authentication.
Click Set Up Two-Factor Authentication.
Open your authenticator app (e.g., Google Authenticator, Authy).
Scan the QR code displayed on the screen.
Enter the 6-digit code generated by your app.
Click Configure Two-Factor Authentication.

You’ll now need both your password and the code from your authenticator app to log in to cPanel.

Additional Security Tips

**Enable 2FA on your Brixly client area:**Go to your client area > Security Settings > Enable Two-Factor Authentication.
Log out after each session—especially on shared computers.
**Monitor login activity:**In cPanel, review the Last Login section and check for unfamiliar IPs or times.
**Use secure connections:**Always access cPanel, FTP, and email using SSL/TLS (i.e., https://, ftps://).

Troubleshooting & Common Issues

Can't Access cPanel After Changing Password?

Ensure your password manager is updated with the latest password.
Try resetting your password via the Brixly client area if forgotten.

2FA Code Not Working?

Double-check your device’s time settings.
If locked out, use your backup codes or contact support to reset 2FA.

Suspicious Account Activity?

Change all related passwords immediately.
Check your account for unfamiliar files or scripts (use File Manager in cPanel).
Enable or review 2FA status.

Summary

Securing your hosting account is your responsibility—and it’s straightforward with the right practices. Always use strong, unique passwords, enable Two-Factor Authentication, and stay vigilant for suspicious activity. For extra peace of mind, update your passwords regularly and use a reputable password manager.

Stay proactive—your website’s security starts with you!