Amin Taheri

My feedback

  1. 309 votes
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      Signed in as (Sign out)

      We’ll send you updates on this idea

      35 comments  ·  Feature Suggestions » Security  ·  Flag idea as inappropriate…  ·  Admin →

      We have serious doubts this function can really increase server security:
      1) Plesk has built-in protection against brute-force on login – it will lock the login form. So no one can try multiple attempts
      2) Arbitrary login name adds very little guess-complexity to a proper password. If you have concerns for your login brute-forced – add another 5-7 characters into your password and feel safe.

      As changed login name is still very likely to be some sort of vocabulary word or derived from your other account name – this function would only give a false sense of better security. Your security strength is in complex password, not in a complex login name. If you have one good password, you don’t need to treat login as your “second password” – one good password is enough.

      As for concerns that default password requirement is set in “weak”, that fail2ban module is not…

      Amin Taheri supported this idea  · 
      Amin Taheri commented  · 

      Agree - +1
      We cant use Fail2Ban (It tanks our server due to # of domains/customers) and being able to change the username would be great since it takes the guess work out of brute force attacks.

      it also seems like a very easy thing to allow for - even if it does (in your opinion) only make people feel better, if people are asking for it, perhaps its better business to give it to them than to argue with them about why they think they want it?

    • 733 votes
      Sign in
      Check!
      (thinking…)
      Reset
      or sign in with
      • facebook
      • google
        Password icon
        Signed in as (Sign out)

        We’ll send you updates on this idea

        75 comments  ·  Feature Suggestions » Plesk (general)  ·  Flag idea as inappropriate…  ·  Admin →
        Amin Taheri supported this idea  · 

      Feedback and Knowledge Base