Last week, we increased security across our shared fleet. This includes increasing the strength of passwords for your cpanel account and email addresses.
If your password doesn’t currently meet the minimum strength required you will be asked to update it next time you login.
We have taken some feedback on this introduction of password strengthening, and would like to explain the reasons behind it.
The incidence of websites being hacked has recently increased to such an extent that it was negatively impacting on many of our customers.
Once an account has been hacked, the data for the website is deleted, and the account is used to send spam. So much spam is sent at once, that it causes the server to crash, taking down several hundred websites at once. If email is running through the site, it too is disrupted. The server is then rebooted to bring the websites and email service back online. (Please note that it is not the server itself which is hacked, but individual accounts on the server).
Often the customer who has been hacked will not have a backup of their site, so we’ll need to provide a backup restoration for them. This costs the customer $165.00.
Accounts with weak passwords are targeted in an assault first, particularly those using dictionary words or common names such as “johnny”.
The implementation of this security feature is for our customers protection, and has the potential to save them money and time, as well as the inconvenience of having their websites hacked and offline.
The cPanel password strength calculator occasionally throws an error when providing a score. This is usually overcome by re-entering the password. We have made contact with cPanel to have this bug fixed. Our calculator does not suffer the same problem.
To subscribe to the service status updates if you haven’t already, send an email to “firstname.lastname@example.org” (for Jumba customers) or “email@example.com” (for AussieHQ customers) with the word ‘subscribe’ in the subject line.
We apologise for any inconvenience.