Adding 2FA on

Hi guys,

Are you thinking about adding 2FA for a better protection (I hope) of client’s licences in a near future?



We’ll take it under advisement, though I’d say ATM it’d be a bit further down the priority list given other pressing matters.

Thanks for the suggestion.

There is 2FA support already available in Webmin, Virtualmin, and even Usermin.

I would suggest starting from looking at enabling it globally at Webmin / Webmin ⇾ Webmin Configuration: Two-Factor Authentication page.

Later, virtual server owners and mail users would be able to enroll for 2FA by themselves.

Webmin users can enable it at Webmin / Webmin ⇾ Webmin Users: Edit Webmin User page, under Security and limits options accordion, by clicking Enable Two-Factor For User button.


He was talking about the website not the products.

Sorry, Peter. You’re right. I missed that.

The best way to protect your Virtualmin account is to use strong password. Although, I will look into adding 2FA in the foreseeable future.

1 Like

I agree: Strong individual passwords are still best. Aside from being an annoyance when one has to log into dozens of sites a day, poorly-implemented 2FA (which predominates, unfortunately) actually increases vulnerability.

The one 2FA method that I think should be absolutely outlawed (which is saying something coming from a libertarian) is SMS. It’s trivially easy to persuade some low-paid call center employee who just wants you off their phone to swap a SIM. I’ve closed accounts at banks and companies that insisted upon using it.


This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.