The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Force password change on 1st email access

Discussion in 'E-mail Discussions' started by sitespt, Jul 13, 2015.

  1. sitespt

    sitespt Member

    Joined:
    Jul 10, 2006
    Messages:
    14
    Likes Received:
    1
    Trophy Points:
    1
    Hi,

    Is there a way we can force a user to change his email password when he logins on his webmail?

    We usually send the same password to all users and we know that most of them never change it causing a security / privacy threat.

    Similar systems have an option that will force the user to change the password on their first login.

    Thank you.
     
    Abdulla Ibne Jafar likes this.
  2. vanessa

    vanessa Well-Known Member
    PartnerNOC

    Joined:
    Sep 26, 2006
    Messages:
    817
    Likes Received:
    22
    Trophy Points:
    18
    Location:
    Virginia Beach, VA
    cPanel Access Level:
    DataCenter Provider
  3. sitespt

    sitespt Member

    Joined:
    Jul 10, 2006
    Messages:
    14
    Likes Received:
    1
    Trophy Points:
    1
    @vanessa: I guess you missed my point.
    I am aware of the password based on age which is, in my honest opinion, a stupid thing which works against security instead of improving it. I remember many times where I used to remember a few passwords for different websites and I was forced to change them every 6 or 12 months and they wouldn't let me use any previous password. This just drives one crazy! It means that in 10 years, you need to "remember" 12 or 24 passwords just for that specific website... no, it doesn't make any sense for me, but hey, it is an optional feature which I choose not to use, ever.

    What I am asking is just to force users to NOT use the default email passwords that we create for them. It is not wise to keep using the password "password123" for example for months or years but some users may use it for life and don't bother to change it.
     
  4. sitespt

    sitespt Member

    Joined:
    Jul 10, 2006
    Messages:
    14
    Likes Received:
    1
    Trophy Points:
    1
  5. vanessa

    vanessa Well-Known Member
    PartnerNOC

    Joined:
    Sep 26, 2006
    Messages:
    817
    Likes Received:
    22
    Trophy Points:
    18
    Location:
    Virginia Beach, VA
    cPanel Access Level:
    DataCenter Provider

    Maybe you missed my point then. I understand what you're trying to do, but re-explaining it doesn't change my answer. No, there is no current way to do this in cPanel. Perhaps you need to just not create shitty default passwords.
     
  6. sitespt

    sitespt Member

    Joined:
    Jul 10, 2006
    Messages:
    14
    Likes Received:
    1
    Trophy Points:
    1
    lol... temperament...
     
  7. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,829
    Likes Received:
    672
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello :)

    Thank you for taking the time to open a feature request. I see it's now approved and open to discussion. In the meantime, one workaround is to randomly generate a password for the email accounts you create to avoid providing the same password to multiple users.

    Thank you.
     
  8. sitespt

    sitespt Member

    Joined:
    Jul 10, 2006
    Messages:
    14
    Likes Received:
    1
    Trophy Points:
    1
    @cPanelMichael: Thank you for the workaround but it is still not the same :)
    I hope the feature request gets enough votes so we can force the users to change their password on their first login.
     
Loading...

Share This Page