Is it possible to configure multi-factor authentication to access Plesk?
The two-factor authentication scheme is facilitated by the Google Authenticator extension.
Note: MFA will be enabled both for Plesk Admin and the customers' accounts.
It is required to install the Google Authenticator application on your smartphone. Afterward, install the extension in Plesk and enable it. To configure the extension, first, scan the QR code with your smartphone:
When you try logging into the panel, you will be prompted for a verification code. Refer to the Google Authenticator application you have installed on your phone to obtain the code.
Please note that the multi-factor authentication measure is intended only for the Plesk web interface. It does not apply to API or Plesk Mobile App. Since the mobile application uses XML-RPC API requests to communicate with the Plesk server you can enhance security by disabling API at all or limiting it to specific IP addresses using the article How to restrict Plesk XML API?