Er_Maqui
My feedback
-
25 votes
Er_Maqui supported this idea ·
-
20 votesopen discussion · 2 comments · Feature Suggestions » Plesk (general) · Flag idea as inappropriate… · Admin →
Er_Maqui supported this idea ·
-
499 votes
We have serious doubts this function can really increase server security:
1) Plesk has built-in protection against brute-force on login – it will lock the login form. So no one can try multiple attempts
2) Arbitrary login name adds very little guess-complexity to a proper password. If you have concerns for your login brute-forced – add another 5-7 characters into your password and feel safe.As changed login name is still very likely to be some sort of vocabulary word or derived from your other account name – this function would only give a false sense of better security. Your security strength is in complex password, not in a complex login name. If you have one good password, you don’t need to treat login as your “second password” – one good password is enough.
As for concerns that default password requirement is set in “weak”, that fail2ban module is not…
Er_Maqui supported this idea ·
-
463 votesopen discussion · 21 comments · Feature Suggestions » Panel/Mail · Flag idea as inappropriate… · Admin →
Er_Maqui supported this idea ·
-
646 votes
An error occurred while saving the comment Er_Maqui supported this idea ·
I think it's a very good feature for plesk