Password Strength Configuration

For WHM version 11.30

Using this feature, you can define minimum strengths for passwords for all of cPanel & WHM's authenticated features.

Setting the default minimum password strength for all features

To configure a minimum required password strength for all authenticated features:

Click the first checkbox at the top of the page.
Use the slider to specify the default minimum password strength, or type a number between 0 and 100 into the box.
- Password strength is rated on a scale of 0 to 100, where 100 represents a very strong password.
- This setting defines the minimum password strength for all of the features listed below, unless you configure them otherwise.
Click Save at the bottom of the page to store your changes.

To configure a minimum required password strength for a specific feature:

Select a feature from the list.
Use the slider to specify the feature's minimum password strength, or type a number between 0 and 100 into the corresponding box.
- Password strength is rated on a scale of 0 to 100, where 100 represents a very strong password.
- If you do not configure a minimum required password strength for a feature, it will inherit the default setting at the top of the page.
Click Save at the bottom of the page to store your changes.

Note: These features do not need to share the same values.

We recommend setting the default minimum password strength to at least 50.

This will help provide protection against brute force attacks.

The settings on this screen only apply to passwords set by means of cPanel & WHM.

A user with shell access would be able to use the passwd command line utility to bypass requirements set by this feature.

Topic revision: r5 - 17 Oct 2011 - 14:34:17 - Main.MelanieSeibert