20 Mar

Important: Password Security Policies

The password is the single most common security measure for digital systems, both online and off-line. The problem is that it is becoming increasingly less secure as hackers gain more and more powerful tools to simply crack them. A great deal of attention has gone towards the creation of secure passwords, what constitutes them, and whether or not it is feasible to retain a bunch of random alphanumerical strings inside your head all the time.

How are passwords cracked?

Most accounts that have their passwords compromised are not done so by another human being directly. Instead a computer will be tasked with guessing your password, so planning should go in to understanding and then deterring a computer from cracking your password. A hacker has a variety of malicious tactics available to them when trying to crack your password. These would be the two most common attacks you see on the Internet today:

  • Brute Force Attack: The attacker runs a script that tries again and again to randomly crack your password by sheer brute force. A long password with multiple character sets is the best protection. The higher your password entropy the less likely your password will be compromised by a brute force attack.
  • Dictionary Attack: The attacker utilizes dictionaries of known words or passwords and a script to try them in thousands of combinations until one matches up with the correct password. Don’t use common words, or keystrokes such as anyone’s name or phone number. Use a combination of multiple character sets to reduce the likelyhood of multiple entries pulled for a dictionary matching up successfully.

In recent time, We have been working on having more security on our cPanel servers and have applied few new security policies.

Password Strength – An password of any kind must set to 80% strong at least. System will not accept your password until it matches the security policy. To setup an strong password, you can use Lowercase/Uppercase letter, signs/symbols and number.

Password Age – Passwords must be changed every 90 days. Our system will automatically ask user to change their password every 90 days.

These two measures should allow you to secure your cPanel and related services. In the meantime, if you have any questions about account security, please contact us at TetraHost Support.