Two-factor authentication (2FA) adds a second check on top of your client area password. Even if someone obtains your password, they can't sign in without also having your phone. Enabling it takes about two minutes.

Strongly recommended. Your client area controls billing, domains, and access to all of your hosting. 2FA is the single most effective step you can take to keep your account secure.

What you'll need

  • An authenticator app on your phone. Any TOTP-compatible app works — popular options are Google Authenticator, Authy, Microsoft Authenticator, or the built-in authenticator in password managers like 1Password and Bitwarden.
  • A safe place to store your backup codes (password manager, or a printed copy).

Enable two-factor authentication

  1. Log in to the client area. Click your name in the top right and choose Security Settings from the dropdown.

  2. On the Security Settings page, click the Two-Factor Authentication tab, then click Click here to Enable.

    Security Settings page with the Two-Factor Authentication tab active and the Click here to Enable button highlighted

  3. Select Time Based Tokens (TOTP) and click Get Started.

  4. Scan the QR code with your authenticator app. The app will add a new entry for CanSpace and start generating a 6-digit code that changes every 30 seconds.

  5. Type the current code from your app into the confirmation field and click Submit.

  6. Save your backup code. The confirmation screen shows a one-time backup code — copy it somewhere safe (password manager is ideal). This is what gets you back into your account if you lose your phone.

You're done. From now on, every login will ask for your password plus the current code from your authenticator.

Logging in with 2FA enabled

  1. Enter your email and password as usual.
  2. The next screen asks for your 6-digit code.
  3. Open your authenticator app, find the CanSpace entry, and type the current code.
Code always invalid? TOTP codes depend on the clock on your phone. If your phone's time is even a minute off from the server, codes will be rejected. Most authenticator apps have a "sync time" option in their settings — use it, then try again.

If you lose your phone

You have two ways back in:

  1. Use your backup code on the 2FA prompt — it bypasses the authenticator. Each backup code is one-time-use; generate a new one from Security Settings once you're signed in.
  2. If you don't have a backup code, open a support ticket from an email address that matches your account. We'll verify your identity and disable 2FA so you can get back in.

Disabling 2FA

If you want to turn 2FA off, go to Security Settings, click Disable in the Two-Factor Authentication section, and confirm with your current code. We strongly recommend leaving it on — but the option is there.

Related articles

Locked out and need help? Open a support ticket

Răspunsul a fost util? 0 utilizatori au considerat informația utilă (0 Voturi)

Cele mai populare articole

Unblock your IP (CSF firewall)

Our servers use a firewall that automatically blocks IP addresses after repeated failed logins —...
How to tell if an email is really from CanSpace

Phishing emails that impersonate hosting companies are common — a convincing-looking "your...