The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Cpanel password maximum 8 characters?!?

Discussion in 'General Discussion' started by coldplug, Sep 12, 2010.

  1. coldplug

    coldplug Member

    Joined:
    Oct 26, 2009
    Messages:
    6
    Likes Received:
    0
    Trophy Points:
    1
    Hello! I have problem with cpanel root password. Didn't check how auth for other accounts behave, but... my Cpanel (Centos 5.5 x86_64) does not accept any password longer than 8 characters?!

    How I know that? Because I had set my root password about 15 characters long. OK then one day I failed in typing (felt that under fingers when typing) but system still let me logged in! WTF? :eek:

    Then I investigated, I need to input only first 8 characters correct, everything behind can be totally mess, system still log me in. In fact, I can only type first 8 characters off password and nothing more, that's enough to log in. :confused:

    I tried to change root pass, and if I set it shorter than 8 chars, no combination except correct one log me in. If I set anything longer than 8 chars, every combination with 8 chars or longer let me in, provided that first 8 are correct.

    I concluded that when I change my root password, system accept only first 8 chars and discard everything that follow on. The same it does when interpreting my pass during logging - takes first 8 chars and discard everything following? This is the only explanation I can make from my findings...

    What now? Hacked system? Does not look to me like that. There are no evidence of any intruder activity I can tell. I tried the same procedure on other Centos 5.5 boxes I have - no issues. I don't have another Cpanel to try.

    All that is via ssh...

    I really need an advice.

    Thanks.
     
    #1 coldplug, Sep 12, 2010
    Last edited: Sep 12, 2010
  2. ldm

    ldm Registered

    Joined:
    Sep 11, 2010
    Messages:
    4
    Likes Received:
    0
    Trophy Points:
    1
    If you change the password through SSH to something longer, does the same issue remains ?

    If so, then you need to configure your system to use MD5 passwords.
     
    #2 ldm, Sep 13, 2010
    Last edited: Sep 13, 2010
  3. aapkapratik

    aapkapratik Member

    Joined:
    Oct 26, 2009
    Messages:
    24
    Likes Received:
    0
    Trophy Points:
    1
    Hello,

    If you wish to set password strength you can do it by accessing the following path in your WHM


    Under Password Strength Configuration please try and configure

    " Required Password Strength for System/cPanel Accounts ". It might prove helpful
     
Loading...

Share This Page