Jump to content
xisto Community
Sign in to follow this  
AlternativeNick

Security Issue

Recommended Posts

Hey all, i think this is a major problem.it costs 10 credits to change youre cpanel password.What is up with that? if someones password is compromised, and they dont have the credits, it could take a while for them to get the credits high enough to change it, and in that time its very possible that someone could take advantage of the site/cpanel etc.I really think this should be changed, if anything make it cost 1 credit, because im sure everyone has that.Personally, i have a hard time posting on forums (i cant usually think of anything to say) so my credits are almost always below 10.Anyways, im just saying, for the sake of safety, it shouldnt cost that much to change youre password, being able to change passwords in a flash is very important if you ask me :)

Share this post


Link to post
Share on other sites

There's also a disadvantage of allowing changing cPanel password in a flash... what if someone has the access of seeing your forum password? Without you knowing a password can be changed to both accounts--the forum and your cPanel.

 

Allowing credits to be used serves as a buffer if your cPanel password needs to be changed other than you. If you have only 9 credits, someone else cannot change your cPanel password immediately unless gaining additional credits needed.

 

But before we discuss what ifs... let's discuss about preventing it from happening in the first place.

 

You can change your cPanel without any hosting credits. This is done through your cPanel. So the very first step is to protect and complicate your password to your cPanel. Mix numbers and letters. Make it longer than 6 characters (128 is max). Make sure you do not have keylogger or spyware in your computer used to access your cPanel. Do not, I repeat, do not use public computer that you do not use often to access your cpanel or FTP. They may be infected with who knows what.

 

If you are still worried about cPanel being compromised, change your password often. When you change your cPanel password, change your forum password as well. Email both passwords to your "secure" email address OR memorize them. Do not write it down. If you have to write it down, chances are you will forget them.

 

Protect your password.

Don't write down your password - memorize it. In particular, don't write it down and leave it lying around where people can see it, and don't place it in an unencrypted file! Use unrelated passwords for systems controlled by different organizations. Don't give or share your password, in particular not to someone claiming to be from computer support or a vendor unless you are sure that are who they say they are. Don't let anyone watch you enter your password. Don't enter your password at a computer or to a site you don't trust. Use the password for a limited time and change it periodically.

 

Choose a hard-to-guess password that includes a variety of letters, numbers and special characters.

passwd will try to prevent you from choosing a really bad password, but it isn't foolproof; create your password wisely. Don't use something you'd find in a dictionary (in any language or jargon). Don't use a name (including that of a spouse, parent, child, pet, fantasy character, famous person, and location) or any variation of your per- sonal or account name. Don't use accessible information about you (such as your phone number, license plate, or social security number) or your environment. Don't use a birthday or a simple pattern (such as backwards, followed by a digit, or preceded by a digit. Instead, use a mixture of upper and lower case letters, as well as digits or punctuation. When choosing a new password, make sure it's unrelated to any previous password. Use long passwords (say 8 characters long). You might use a word pair with punctuation inserted, a passphrase (an understandable sequence of words), or the first letter of each word in a passphrase.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×
×
  • Create New...

Important Information

Terms of Use | Privacy Policy | Guidelines | We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.