* [Improvement] Instance Manage Page - Sidebar navigation with responsive mobile support, collapsible task panel, type-to-confirm destruction, settings tab consolidating boot/media/VNC/password, and p

I've always used a disposable password when signing up and then changed it immediately.

(Quote)

We don't send root passwords. We don't know your root password.

Who uses password these days?

Mentally strong people do not change root password after getting the same over email. Jokes aside if you looking for secure cloud infrastructure then let isn't the marketplace. The term low end is pre

(Quote)

(Quote)

Easiest solution, change the root password on the VPS's shell. Never change a root password in the provider's dashboard. Because if you enter it there, they can intercept and store the password for

Passwords delivered via email are inherently insecure, no matter how you slice it. You can encrypt at rest all you want, but the moment that password hits an email, it's likely traveling through third

That's just plain wrong (or incompetent). One could perfectly well use symmetric encryption with a fixed provider password (even staff doesn't need to know) and decrypt for emailing. Plus one could ap

(Quote)

(Quote)

(Quote)

There are plenty of solutions to this problem. Some customers prefer receiving a non-root login, some prefer a password that expires, some prefer none of the above. The bottom line is, in the context

Does this work? Let me try it on my new VPS. Because I'm also wary root password can be reset easily from whatever panel, hopefully this will make it harder.

With Virtfusion (what I use), when you install an operating system and don't select an SSH key, the root password is generated and emailed to you. The email logs Virtfusion stores automatically redact

That is the correct way to do it. When installing an OS via a template, the provider can easily require a password change after the first login. And if the customer is installing directly via ISO, the

With OVH, they send a temp password link that will expire in 7 days and require you to change the password on first login.

I get it for automation on the first setup the password needs to be stored and sent out. Would standard practice not be to create a temporary password that is expired on first login or require reset?