User account password change Failed for cPanel, but took for WHMCS

[wiszmaster]

When I change a users account password for cPanel within WHMCS, and the password does not meet cPanels minimum score, it'll tell me it failed to change it, however WHMCS will store the failed password, and the original will be lost.

 

This causes me to have to reset the password within cPanel/WHM for the user, and save within WHMCS for them.

 

I don't believe this is on purpose by design, is it?

The password shouldn't take & save on a failed auction?!

 

--marco

[wiszmaster]

Has anybody else be able to replicate this, and has it been acknowledged to be a bug?

[SilverNodashi]

Have you enabled password strength in WHM > Security Centre > Password strength? If the password strength is too high (more than 75 I think), then it will fail

[danami]

I know that Matt has this on the dev list.

 

Until then you guys should check out the password strength meter addon that I wrote. You can use manual PHP checks (require lowercase , uppercase, numbers , special characters) or if you have cracklib installed .. it will run against cracklib dictionary tests etc) ..

 

You can easily add a form on submit function to clear the submitted passwords if the password strength fails .. then just change the lang file to something like "A strong password is required" ..

 

http://forum.whmcs.com/showthread.php?t=14979

 

This will make your users need to enter passwords that will pass all cpanel / plesk password tests ..