Objective: This extension offers additional user account protection with multi-factor authentication. After enabling Google Authenticator, a second step is added to the Plesk login procedure: in addition to their password, users must provide a one-time passcode generated by the Google Authenticator application installed on their mobile device.
Read more about Google Authenticator and other authentication-related extensions.
Step 1: follow the steps to install google-authenticator extension
1: Visit the URL http://<your_domain>:8880 or https://<your_domain>:8443 (For SSL) and login using your username and password.
2. Go to Extension from left-menu, go to my extension, select the authentication from the top dropdown to filter types. Click on Google Authenticator.
3. Click on Install.
4. Extension is successfully installed.
5. Now click go to extension.
6. Enable the multi-factor authentication, it will expand with following details.
You can enable it by, Scanning the QR code with your smart phone, and key in the verification code inside the input field.
Or you can use the "Could not scan the barcode?" link and configure the account name and key on Google Authenticator apps installed on your smart phone.
7. On success a pop-up will shown.
Step 2: Steps to access the dashboard by login with Google Authentication
1. Visit the URL http://<your_domain>:8880 or https://<your_domain>:8443 (For SSL) and login using your username and password. A pop-up will open as given below,
2. Input the code that shown in your Mobile App and click OK.
3. Logged in successfully, now the plesk dashboard will appear.
Step 3: To disable or remove the extension, steps are as follows
1. Go to Extension, and click on My Extension.
Select the Google Authentication and click on Disable or Remove button.
Note:Please clear Google Authenticator application's cache every 30 days to work it properly.
If I have lost my phone. How can I access the Plesk panel?
If user have lost his phone, they need to change the secret account key or barcode which user have to configured at his mobiles for security reason.
1. Go to the server's backend (Shell access) and run the below given command to disable the plugin. Then you will have the direct access again to plesk panel.
# /usr/local/psa/bin/extension -l (To get the correct name of Google Authenticator extension)
# /usr/local/psa/bin/extension -u <name> (to remove the extension)
2. Then client need to uninstall the security plugin and reinstall it from Extensions tab to change the secret account key or barcode which user have to configure their mobiles.
# cd /usr/local/psa/admin/plib/modules/google-authenticator
# mv /usr/local/psa/admin/plib/modules/google-authenticator /usr/local/psa/admin/plib/modules/google-authenticator-old
If client want to change the secret account code or barcode
If client want to change the secret account key or barcode which user have to configure their mobiles. Client need to uninstall the security plugin and reinstall it from Extensions tab.