All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
To all the LET VPS providers: why do you keep sending the password in plain text?
I've subscribed to more providers that advertised their offers on LET - thank you again LowEndTalk! . However most of them keep showing or sending me per email the password I've chosen for my new VPS with no protection as plain text. Emails telling me the VPS was activated, opened tickets about some different topic with the note that my password is "text" and so on...
I mean, we know you can see what we're doing, but using this sort of reminders reduces the user's privacy to zero. Besides that as you may know the email isn't the securest way to share sensitive data.
I hope maybe all the providers will change that in the future.
Thank you and I hope you'll all have a great BF 2024
Comments
Use SSH public keys then (it will prevent leak of your password)
VirtFusion has a warning in their email template:
just change the password when you login.
I am aware of this option and I use it in such cases.
It's just the idea of handling a password like a password
its actually to encourage you to change upon first login.
If I don't send passwords by emails, most of my clients will get offended that they have to login to our client area to retrieve passwords, There is 1% of you who think it should not be in plain text remaining 99% choose to reset no matter how securely you send or they use ssh key.
As someone who actually has worked for some providers, I can guarantee you that if the provider doesn't include the password in the emails (yes, in plain-text), you will get numerous tickets asking where/what the password is.
so how should it be done? snail mail?
We don't send it. It's randomly generated internally for the purpose of creating a VPS, but not sent to the customer. VPS welcome email tells you how to add your key or how to add / change the pass from the control panel.
No reason for your service provider to know your root pass unless they're managing your server.
Just send one time link instead.
Our Antarctica IPv9 VPS not only send plain passwords but also encourage customers to post their passwords on LET.
We have advanced security based on brain connect technology, so that passwords are not at all important.
Most of the Providers are using the same Billing or/and VPS Management software.
IDontKnowHowPasswordManagersWork2020
(at least you don't know that my email is [email protected])
interesting, considering the average online customer.
Password must be sent in plain text if there is no SSH key option. Most customers will open tickets if they don't have that password easy to find in front of them.
The best solution is to simply include in email a notification like this: "Please change the password on your first login and don't forget to always use very strong and complex passwords everywhere!"
KISS - keep it stupid simple