Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Cpanel password maximum 8 characters?!?

Discussion in 'General Discussion' started by coldplug, Sep 12, 2010.

  1. coldplug

    coldplug Member

    Joined:
    Oct 26, 2009
    Messages:
    6
    Likes Received:
    0
    Trophy Points:
    51
    Hello! I have problem with cpanel root password. Didn't check how auth for other accounts behave, but... my Cpanel (Centos 5.5 x86_64) does not accept any password longer than 8 characters?!

    How I know that? Because I had set my root password about 15 characters long. OK then one day I failed in typing (felt that under fingers when typing) but system still let me logged in! WTF? :eek:

    Then I investigated, I need to input only first 8 characters correct, everything behind can be totally mess, system still log me in. In fact, I can only type first 8 characters off password and nothing more, that's enough to log in. :confused:

    I tried to change root pass, and if I set it shorter than 8 chars, no combination except correct one log me in. If I set anything longer than 8 chars, every combination with 8 chars or longer let me in, provided that first 8 are correct.

    I concluded that when I change my root password, system accept only first 8 chars and discard everything that follow on. The same it does when interpreting my pass during logging - takes first 8 chars and discard everything following? This is the only explanation I can make from my findings...

    What now? Hacked system? Does not look to me like that. There are no evidence of any intruder activity I can tell. I tried the same procedure on other Centos 5.5 boxes I have - no issues. I don't have another Cpanel to try.

    All that is via ssh...

    I really need an advice.

    Thanks.
     
    #1 coldplug, Sep 12, 2010
    Last edited: Sep 12, 2010
  2. ldm

    ldm Registered

    Joined:
    Sep 11, 2010
    Messages:
    4
    Likes Received:
    0
    Trophy Points:
    51
    If you change the password through SSH to something longer, does the same issue remains ?

    If so, then you need to configure your system to use MD5 passwords.
     
    #2 ldm, Sep 13, 2010
    Last edited: Sep 13, 2010
  3. aapkapratik

    aapkapratik Member

    Joined:
    Oct 26, 2009
    Messages:
    24
    Likes Received:
    0
    Trophy Points:
    51
    Hello,

    If you wish to set password strength you can do it by accessing the following path in your WHM


    Under Password Strength Configuration please try and configure

    " Required Password Strength for System/cPanel Accounts ". It might prove helpful
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice