Two factor authentication (2FA) for Service and Additional Admin Accounts
Currently Plesk supports Clef and Google Authenticator for Plesk admin accounts.
However if a customer creates additional user accounts (service accounts with owner rights for example) the 2FA option is not available.
We would appreciate this feature especially in combination with multi-server management, where one customer may have multiple admins and multiple domain subscriptions.
-Philipp

-
Christos commented
We vote for that.
It is strongly recommended that every user logging into Plesk adhere to the requirement of implementing Two-Factor Authentication (TFA).
-
Rafał commented
i vote for it
-
Adrian Herber commented
In today's environment of sophisticated online attackers, 2FA is an extremely important security measure.
Plesk is long overdue to implement proper full support.
-
Grzegorz commented
I have no words to say why this has been not been introduced to Plesk security settings
-
Gerinho commented
With Plesk as a major component in our web infrastructure and many of us pleskians have (a lot of) customers login into Plesk continuously, it's unacceptable that - 5 years after Philipp initially posted for this feature request - 2FA / MFA is available and working for the super admin only. With 2FA / MFA as the new standard for better authentication security at any other major platform / application / web service these days, I do not even know how to explain our customers that Plesk doesn't have 2FA for them. Again, we're not talking about a single website or subscription here, this concerns Plesk; a MAJOR component in our whole web infrastructure and thus millions of servers, users, customers, websites, etc etc. Unacceptable.
-
Berni Liechti commented
We need to be able to enable 2FA for additional admin accounts.
To not have 2fA is a massive security risk.
-
Thomas commented
Plesk really needs more than 4 years to offer this most basic security feature out of the box??
-
Anonymous commented
We need to be able to enable 2FA to secure all subscriptions and admin accounts. This is so important with recent spoofing emails. Why in 2021 is this not in place?
-
Kaz commented
I am honestly surprised how few people seem to be taking security seriously.
2fa should be mandatory security feature.And I agree, subscriptions should also get this feature.
-
Sam Thackeray commented
MFA for subscription users is also of critical importance!
-
Sam Thackeray commented
Oh noes, i didn't realise the Google MFA wasn't a single turn on for all users deal. Turning it on for the one admin account isn't very helpful when i have dozens of site admins still unprotected.
-
Francis commented
I have multiple subsciptions with a single subscriber and multiple additional administrator accounts. Would definitely need 2FA for all the accounts. When will this feature be coming up?
-
Daniel Wimpel commented
Plesk supports Authenticators for the primary admin account.
However, additional admin accounts can still log in without 2FA.
This feature would be great to abide to basic security guidelines as it still involves important client data.
-
Daniel Wimpel commented
This definitely needs to be applicable to additional admin accounts.
We have a master account and a restricted admin account for our tech support.To not have 2fA with our company that is strictly digital, is a massive security risk.
-
Anonymous commented
We need to be able to not just make 2FA available, but require it for additional users.
-
Anonymous commented
Same here: really need Google Authenticator service for all admin accounts, ie to include all subscribers and not just the main one
-
Anonymous commented
really need Google Authenticator service for all admin accounts, ie to include all subscribers and not just the main one
-
Anonymous commented
Oui c super important
-
Ben Beckford commented
It's 2020 and 2FA is still not a thing in Plesk....
-
Anonymous commented
We need to be able to not just make 2FA available, but require it for additional users. Please implement this ASAP!