Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Phishing and 2factor

Discussion in 'Security' started by bertelschmitt, Jun 5, 2014.

  1. bertelschmitt

    bertelschmitt Member

    Joined:
    Jun 5, 2014
    Messages:
    5
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    I am in receipt of a more or less decently made mail that invites me to go to Cpanel.net to "reconfirm my account." Of course, the link does not go there, but to - Removed - (redacted to defang link.)

    This reminds me: When does Cpanel finally get 2factor auth? With it, even a successful phish would be out of water.

    I don';t know what is taking so long to enable 2factor. Cpanel clearly is under attack, and passworded Cpanel sites are very weak links in a big chain. I get 2factor for free with Webmin and sundry other products. Is it too much to ask to request this feature for something for which I am paying no insignificant amounts for two servers?
     
    #1 bertelschmitt, Jun 5, 2014
    Last edited by a moderator: Jun 5, 2014
  2. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    16,479
    Likes Received:
    421
    Trophy Points:
    583
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    Please feel free to sign on to this Feature Request:
    Two-factor Authentication - cPanel Feature Requests

    Here's a blog post by cPanelTravis that may be useful to you:
    How to Minimize and Stop Phishing Emails - cPanel Blog

    The email you mention has been seen many times over the years.

    For anyone reading this thread later, this from a cPanel Blog post in 2011:

    HTH!
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #2 Infopro, Jun 5, 2014
  3. bertelschmitt

    bertelschmitt Member

    Joined:
    Jun 5, 2014
    Messages:
    5
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    I did read the post many times, and voted in the affirmative. This request is more than a year old. It received a lukewarm welcome, and I am getting the impression that it is being ignored studiously. Will it need a huge disaster for it to be taken seriously? This shouldn't take longer than a week to implement. 1 day of coding, and six days of testing.

    Please let your customers know what is holding you back, or why you don't want this glaringly missing feature.
     
    #3 bertelschmitt, Jun 5, 2014
(You must log in or sign up to post here.)
Loading...
Similar Threads - Phishing 2factor
  1. rpvw

    Phishing using the /.well-known/ directory

    rpvw, Feb 5, 2018, in forum: Security
    Replies:
    4
    Views:
    525
    rpvw
    Feb 5, 2018
  2. mjobrr

    Phishing Activity on Website

    mjobrr, Jul 11, 2017, in forum: Security
    Replies:
    3
    Views:
    496
    cPanelMichael
    Jul 12, 2017
  3. nimonogi

    How can I report a phishing email?

    nimonogi, Feb 13, 2017, in forum: Security
    Replies:
    1
    Views:
    718
    Infopro
    Feb 13, 2017

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...
    Dismiss Notice