Strong cPanel Password For All Accounts
If all the things that you as a cPanel reseller need to be aware or conscious of, it is your sacred responsibility to protecting your customer’s data.
To us, part of this is either using passwords that are no less than 18 alphanumeric character set that includes both upper and lower case letters, punctuation marks and symbols and setting up two-factor authentication each time you create a new cPanel account.
You can easily generate strong passwords by visiting either of these URLs:
- https://1password.com/password-generator/
- https://www.dashlane.com/features/password-generator
- https://passwordsgenerator.net/
- https://www.lastpass.com/password-generator
- or cPanel’s native password generator.
Also enable login notification for every cPanel account so that whenever someone logs in to your cPanel, you will get an instant notification.
To do that, log in to cPanel and visit “Edit Contact Information and Preferences.
From there, select and tick the check-box with “Someone logs in to my account. Send login notifications, even when the user logs in from an IP address range or netblock that contains an IP address from which a user successfully logged in previously.” for each account.
Gone are the days where your trusty password is enough to protect you.
Even if you have a unique password for every website you use, there’s little in the way to stop malware on your computer (or even on the website!) from scraping your password and using it.
Or, if someone sees you type in your password, they can memorize it and log in as you.
Don’t think it’ll happen to you?
So-called “credential stuffing” or brute-force attacks can make it easy for hackers to break in and hijack people’s online accounts in bulk.
Two-factor authentication (sometimes called “two-step verification”) combines something you know — your username and password, with something you have — such as your phone or a physical security key, or even something you are — like your fingerprint or another biometric, as a way of confirming that a person is authorized to log in.
It is the best way to protect yourself online.
You might not have thought much about it, but you do this more than you think.
Whenever you withdraw money from an ATM, you insert your card (something you have) and enter your PIN (something you know) — which tells the bank that it’s you.
Even when you use your bank card on the internet, often you still need something that you know — such as your ZIP or postal code.
So once you have logged in to your cPanel and WHM, we really, really recommend that you activate two-factor authentication immediately for your control panel.
Having a second step of authentication makes it so much more difficult for a hacker or a thief to break into your online accounts.
With 2FA enabled the application on your smart-phone supplies a code that you must enter with your password to log in.
Without your smart-phone, you cannot log in.
Don’t worry about losing your device or losing access to the app.
If you do, just let us know and we will remove the two-factor authentication so you can log in until you re-activate that again.
To do this, perform the following additional steps:
Download a two-factor authentication for your device.
You can do this either by visiting your app store and searching for the terms you see below.
Or visit these URLs below to download the appropriate app or extension for your operating system:
- For Android™, iOS®, and Blackberry® — Google Authenticator™ – https://support.google.com/accounts/answer/1066447?hl=en
- For Android and iOS — Duo Mobile – https://guide.duo.com/third-party-accounts
- For Windows® Phone — Authenticator – https://www.microsoft.com/en-us/p/microsoft-authenticator/9nblgggzmcj6
- For Chrome, Android and iOS – Authy – https://authy.com/download/
Once this is done, visit WHM >> Home >> Security >> Two-Factor Authentication.
For cPanel, visit cPanel >>> Security >> Two-Factor Authentication.
Open your preferred 2FA app in your smart-phone to retrieve the six-digit security code. The 2FA app generates a new six-digit security code for your cPanel account every 30 seconds.
To automatically create the link, scan the displayed QR code with your app.
To manually create the link, enter the provided Account and Key information in your app.
Enter the six-digit security code that the app provides within the allocated 30 seconds before the code changes again.
Click Continue.
The page will reload and once you log back in, it will ask you for the 6-digit authentication code before you can proceed.
Please note that this changes every 30 seconds and that you must use the generated code within this block of time.
Bonus Tip: When doing that, do take a screenshot of the generated bar-code.
That way, not only would you have an additional backup if you ever reset your phone and lose access to the two-factor authentication app, but you can also share the screenshot with your customers each time you activated 2FA for their account.
Getting Support As A Hosting Reseller
One of the biggest perk as a hosting reseller is the kind of hosting support you will get.
Compared to a normal cPanel hosting account, your request will be accorded the highest priority 24 hrs per day.
And beyond that, the great team at cPanel can also step in when needed to make things easy for you if the need be.
At Web Hosting Magic, we actually do offer white-label support directly to our reseller’s customers.
All you need to do is to create an email address, add us to your support system and forward each request you want us to have access to, to our technical support team without anyone else being the wiser.
What To Do Next
Well, if you are a web developer, a web designer or a web agency with multiple clients, you can build your brand faster, earn more and keep your customers happier if you use a cPanel reseller hosting with a good web host that really cares for your success.
Should you want to take this step, visit https://www.webhostingmagic.com/cpanel-reseller-hosting.html to start a life-changing journey, right away.
