Password Strength Configuration

Valid for versions 82 through the latest version

Version:

82


Last modified: September 29, 2020

Overview

This feature allows you to define minimum strengths for passwords for all of cPanel & WHM’s features that require password authentication. The system rates password strength on a scale of zero to 100, where 100 represents a very strong password. When you set a minimum password strength, the system automatically rounds this value up to the nearest increment of 5.

Note:

We recommend that you set the value of Default Required Password Strength to 40 or greater.

Warning:

Users with shell access can bypass these requirements with the passwd command.

How to set minimum password strengths

To set the minimum password strengths, perform the following steps:

  1. To specify the default minimum password strength for features that you set Default, use the Default Required Password Strength slider or enter a number between 0 and 100 in the appropriate text box.
  2. To configure a minimum required password strength for a specific feature, use that feature’s slider to specify its minimum password strength, or enter a number between 0 and 100 in the text box.
  3. Click Save to save your changes.
Note:

By default, this requirement only applies to new accounts. To enforce this requirement for existing accounts, you must enable the Password Strength setting in WHM’s Configure Security Policies interface (WHM >> Home >> Security Center >> Configure Security Policies).

Additional Documentation