As a measure to continuously improve security in OpenSRS, we are adopting a password expiration policy. It’s a security feature rooted in industry best practices, and designed to mitigate the risks associated with poor password management practices adopted by some users. The main objective of this new policy is to help keep your account safe by enforcing the use of strong passwords.
In practical terms, it means that your OpenSRS account passwords will now expire on a regular basis, and will need to be reset every 6 months. We are going to begin the expiration cycle with a reset. Here’s what you should expect:
- We will begin the password expiration cycle for the first randomly selected accounts in the next few days and continue to cycle through all reseller accounts in the next few weeks.
- New passwords must be at least 10 characters long (maximum is 72 characters)
- Dictionary words are not allowed as passwords
- The last 8 passwords cannot be re-used
To support this process, the Reseller Control Panel will indicate that a password will expire in X number of days.