resellers creating accounts with same username and password

[abused1]

We have over 7000 resellers and many of them are creating accounts with same username and password.

on a daily basis we're having to deal with half a dozen "hacked" accounts from username / pw being the same. Almost every one of these begin spamming or trying to hack the server.

This problem is getting worse daily. we need cpanel to release an update that prevents this from happening, as well as disables any current username / login being same from working until the reseller changes the password.

I am posting this so It will hopefully get done asap. We are being overwhelmed from the issues this has been causing.

 

[abused1]

got my fix already!!

Nick / Billy do an amazing job!


"
This script (when run as root) will change the password of all users
with a password equal to their username to a random 10 char password,
and display the change.

http://koston.org/lockbaduserspass

Install/Use Instructions:
wget -O /scripts/lockbaduserspass http://koston.org/lockbaduserspass
chmod 700 /scripts/lockbaduserspass
/scripts/lockbaduserspass

======================================================================

The latest beta builds have been updated to prevent this from happening
form the get go. In the meantime, adding that script to crontab should
mitigate the problem.
"

 

[erwinfa]

I got an error Can't locate Cpanel/CheckPass.pm.

How to fix it ?