Jump to content

Plesk Product/Subscription Password Security Error code: 1019 when plesk password reqs set to high


Recommended Posts

Problem Description

 

Plesk automatic provisioning fails with the following error:

 

Error: Error code: 1019. Error message: Your password is not complex enough. According to the server policy, the minimal password strength is Strong. To improve the password strength, use numbers, upper and lower-case characters, and special characters like !,@,#,$,%,^,&,*,?,_,~

 

Problem Workaround

 

It's a simply fix -- just change the product that is attempting to be provisioned such that the password contains a symbol as described in the error.

 

Bug

 

When using Plesk 11 or newer, WHMCS should be provisioning products with more secure passwords by including symbols in the randomly generated values. This will prevent that error in automation from occurring.

Link to comment
Share on other sites

Jas8522,

 

Thanks for this report. The error message seems to imply that another way to correct this issue is to change the plesk server policies. To make sure we get this prioritized correctly, is this error triggered during a fresh setup plesk server or one where you have made settings changes to make it more secure?

 

Have a great day,

 

Nate C

Link to comment
Share on other sites

Nate,

 

You're correct; the default security policy is low or medium. I did manually set it to secure, but I would assume that WHMCS would always abide by the most secure policies; after all it's software that we trust with our customer's credit card data and more.

 

While I wouldn't necessarily mark this as high priority because of what you've indicated, it's most definitely still a bug that should be fixed at some point. I honestly can't imagine how it would be a bad thing to include symbols in any and all product passwords unless the software that's being provisioned to explicitly rejects symbols in the password. Even so, that should be the exception, not the norm.

Link to comment
Share on other sites

Jas8522,

 

Thanks for getting back to me. I don't want to spend much time discussing if something is a defect or an improvement. I agree that making this change would improve the software and have opened case: BACKLOG-5931 to track this suggestion internally.

 

Thanks for the report and the confirmation,

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use & Guidelines and understand your posts will initially be pre-moderated