The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Security Tokens

Discussion in 'Security' started by DjiXas, Jun 6, 2010.

  1. DjiXas

    DjiXas Well-Known Member

    Joined:
    Feb 10, 2007
    Messages:
    294
    Likes Received:
    0
    Trophy Points:
    16
    Hi,

    I have been playing with security tokens for a while now and the most annoying thing about them is this: if you have WHM opened for 20 mins or so, doing nothing, then clicking on some link, it will show you this:

    And asks for password.

    Is it possible to disable this annoyance (but leave tokens enabled)? Plus, is there REALLY any advantage on having them on all the time if server is not high risk?

    I have already enabled those (protects against same attacks)

     
  2. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,468
    Likes Received:
    196
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    Sure you can turn them off if you like. It's an added layer that you do want to be using, but if it gets in your way that's another story.

    You were probably doing something, in another tab or window, maybe even in another cPanel account or server. The session got changed somehow and your server protected itself from you.
     
  3. oshs

    oshs Well-Known Member
    PartnerNOC

    Joined:
    Sep 5, 2004
    Messages:
    146
    Likes Received:
    0
    Trophy Points:
    16
    Hi,

    Is there a timeout for the security tokens?

    Regards,
    Suhail.
     
  4. cPanelKenneth

    cPanelKenneth cPanel Development
    Staff Member

    Joined:
    Apr 7, 2006
    Messages:
    4,460
    Likes Received:
    22
    Trophy Points:
    38
    cPanel Access Level:
    Root Administrator
    The security token is invalidated when the login session is invalidated. This will happen either when one logs out of the product or after being idle for a few hours.
     
Loading...

Share This Page