Password expiration policy
View this email in your browser

As a measure to continuously improve security in OpenSRS, we are adopting a password expiration policy. It’s a security feature rooted in industry best practices, and designed to mitigate the risks associated with poor password management practices adopted by some users. The main objective of this new policy is to help keep your account safe by enforcing the use of strong passwords.

In practical terms, it means that your OpenSRS account passwords will now expire on a regular basis, and will need to be reset every 6 months. We are going to begin the expiration cycle with a reset. Here’s what you should expect:

  • We will begin the password expiration cycle for the first randomly selected accounts in the next few days and continue to cycle through all reseller accounts in the next few weeks.
  • New passwords must be at least 10 characters long (maximum is 72 characters)
  • Dictionary words are not allowed as passwords
  • The last 8 passwords cannot be re-used

To support this process, the Reseller Control Panel will indicate that a password will expire in X number of days.

Once a password has expired, the Reseller Control Panel will no longer allow access and offer to send the password reset link to the email address associated with the account in order to complete the reset process.
Tips to help you create a strong password
  • The longer, the better
  • Mix uppercase and lowercase, numbers and special characters
  • Different logins should have different passwords
  • Don’t make it predictable. Your pet’s name is not a secure password!
  • We strongly encourage the use of password management software such as 1Password
Want added security? Enable two-factor authentication on your reseller account.

If you have any questions, please contact support at

The OpenSRS team

Copyright © 2017 OpenSRS, All rights reserved.

unsubscribe from this list    update subscription preferences