The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Phishing and 2factor

Discussion in 'Security' started by bertelschmitt, Jun 5, 2014.

  1. bertelschmitt

    bertelschmitt Registered

    Joined:
    Jun 5, 2014
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    I am in receipt of a more or less decently made mail that invites me to go to Cpanel.net to "reconfirm my account." Of course, the link does not go there, but to - Removed - (redacted to defang link.)

    This reminds me: When does Cpanel finally get 2factor auth? With it, even a successful phish would be out of water.

    I don';t know what is taking so long to enable 2factor. Cpanel clearly is under attack, and passworded Cpanel sites are very weak links in a big chain. I get 2factor for free with Webmin and sundry other products. Is it too much to ask to request this feature for something for which I am paying no insignificant amounts for two servers?
     
    #1 bertelschmitt, Jun 5, 2014
    Last edited by a moderator: Jun 5, 2014
  2. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,451
    Likes Received:
    195
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    Please feel free to sign on to this Feature Request:
    Two-factor Authentication - cPanel Feature Requests

    Here's a blog post by cPanelTravis that may be useful to you:
    How to Minimize and Stop Phishing Emails - cPanel Blog

    The email you mention has been seen many times over the years.

    For anyone reading this thread later, this from a cPanel Blog post in 2011:

    HTH!
     
  3. bertelschmitt

    bertelschmitt Registered

    Joined:
    Jun 5, 2014
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    I did read the post many times, and voted in the affirmative. This request is more than a year old. It received a lukewarm welcome, and I am getting the impression that it is being ignored studiously. Will it need a huge disaster for it to be taken seriously? This shouldn't take longer than a week to implement. 1 day of coding, and six days of testing.

    Please let your customers know what is holding you back, or why you don't want this glaringly missing feature.
     
Loading...
Similar Threads - Phishing 2factor
  1. S3RCE
    Replies:
    10
    Views:
    447
  2. axel50397
    Replies:
    3
    Views:
    1,074
  3. Erik1
    Replies:
    1
    Views:
    451
  4. MrGrey
    Replies:
    1
    Views:
    361

Share This Page