Secure password is too long to be considered secure in cPanel

velvelajade

Registered
Mar 23, 2016
3
1
3
United States of America
cPanel Access Level
Website Owner
My issue is that I know that my password to password protect a folder is extremely secure. The problem is that there is no documentation of allowed characters. And, cPanel thinks that a password longer then 65 characters is NOT secure. I use a combination of characters that do NOT include Asian, Hebraic or Greek characters. I am sure it counts the number of duplicates but I use a combination of numbers, symbols, caps and lower case letters. My password length is less then 250.

Does cPanel allow username's password for folders to contain foreign letters at all?
Can Hebrew be used?
Can Hiragana be used?
Can Greek letters be used?
Can Russian be used? Icelandic letters?
Can letters with dots underneath them be used?
And, if so, which ones?
I know this WAS asked before, over two years back but NO ONE responded to that person, but I do understand such a security risk in answering such a question.

The problem is that unless we have this documentation, we blindly try various combinations until we find one that is valid and NOT secure. Anyone can take the US/UK letters, numbers and symbols and crack those passwords. It only takes a computer. But, if non-english keyboards were allowed to create passwords too - even more than one keyboard used for the same password, wouldn't this be more secure? OR does cPanel only apply it to the key number and ignores which keyboard was used? My site was hacked a long time ago with that huge cPanel vulnerability issue. However, I do not want my website hacked either from the website end, so would like to sew up what I can on my end, as well.
Thanks! from a private website owner who is not making a public website
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,913
2,205
363
Hello :)

Could you verify if you are asking about password protecting a directory with Apache, or the passwords utilized for access to cPanel/WHM?

Thank you.
 

velvelajade

Registered
Mar 23, 2016
3
1
3
United States of America
cPanel Access Level
Website Owner
It is password protecting a directory with a username and password. It is not about the initial access to cPanel. However, it would be good to know the nitty gritty details behind what is allowed in a cPanel initial access password too, as that one I have not tried to make so over the to secure yet, but will be working on that next. (I didn't want to lock me out of my site, so thought that if I worked on directories first, that I should be safer.) Thanks!
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,913
2,205
363
  • Like
Reactions: velvelajade