The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Secure the Root Login Please

Discussion in 'General Discussion' started by psychodreams, Jun 2, 2007.

  1. psychodreams

    psychodreams Well-Known Member

    Joined:
    Apr 14, 2004
    Messages:
    84
    Likes Received:
    0
    Trophy Points:
    6
    I really think you need to patch up cpanel I use to use the same passwords on my own domains as my root password but it seems any user on the server that has the same password as the root password will have access to everyones domain. Granted you should have a pretty secure root password but you never know by some freak of nature someone could change there password and happen to be the same as your root password.
     
  2. rainboy

    rainboy Active Member

    Joined:
    Mar 2, 2004
    Messages:
    28
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Eindhoven
    Like you said, the chances that someone got the same password as you would be 1 in a billion if you use a secure password, besides the chance they would try to do this with root is even larger as they would try it with a random user name. And much more productive anyways.

    :confused: I frankly dont understand your complain / suggestion at all.
     
    #2 rainboy, Jun 2, 2007
    Last edited: Jun 2, 2007
  3. eNetHosts

    eNetHosts Well-Known Member

    Joined:
    Apr 21, 2007
    Messages:
    195
    Likes Received:
    0
    Trophy Points:
    16
    I agree.

    Unless you're setting really easy passwords or dictionary based words with a few regular pattern numbers you should be fine. Try to avoid password generators as well.

    Use a form of number, letter, letter, number, number, letter, letter, letter or something like that at random to set your passwords.
     
  4. eNetHosts

    eNetHosts Well-Known Member

    Joined:
    Apr 21, 2007
    Messages:
    195
    Likes Received:
    0
    Trophy Points:
    16
    And also I forgot to ask, it's okay saying secure the root login but how would you do it?

    Linux to my understanding is username root and password x

    Maybe a double password wouldn't be so bad in some cases for high security servers but setting a hard to remember password in the first place would resolve the need for securing the root password.

    Every time we change our root passwords as a hosting provider, it takes me a few days to remember it after typing it in so many times. If it's easy for anyone just to type off they're head straight away, it probably isn't secure in the first place.
     
Loading...

Share This Page