(Quote)

we'll be offering dedicated servers and cPanel web hosting for cheap relatively soon.

Password requested

Imagine people will use an automatic script, being fed with the the login credentials. The script will for basically 100% sure not expect a prompt to enter a password.

The only think I see in WHMCS is a text field for user and password.

Yeah. First time purchaser usually don't expect things that come with unmanaged service and would forgot password on server with root access.

who does everything, including remembering your password for you, which, let’s face it, happens a lot. That’s also why most providers keep it showing in the client area by design.

@host_c, I have never ever consciously (or on low consciousness) set root password when initializing server, unless the stupid panel demands it. In fact, I use 4096 RSA key when I made my first vps pu

provided with a prompt from PAM to enter a new password. Doing that makes the security equivalent to that of an OTP.

Everyone should change the password to any account as soon as they get access into the service. Especially if the service sends you a password. And the closer to the service, the better option it is

I believe that in a few years this will change, as more and more people start to get more aware that a password is not enough today, even if it is 64 characters wide. (Image)

If the average joe are incapable of learning something new, offering emailed password seems to be the right option. But, I think there should be option to use private keys too.

Agreed, password should not be stored in plain text. (Image)

From what I read, the pw is stored "encrypted", as some people who are not ready for unmanaged service demand password login. IMHO, it's a single point of failure

😂 Then they shouldn't use unmanaged service. This is something teenagers should be able to do. Might as well offer faxed password

(Quote)

Then, asked the client to encrypt the key using password

(Quote)

Many providers only care about profit and completely ignore security. While the biggest players usually don't have these issues, it's still shocking that some major companies still send passwords in p

In the clientarea you have a button right at the first page, next to the start/stop buttons with "redeem password".