• Our team is looking to connect with folks who use email services provided by Plesk, or a premium service. If you'd like to be part of the discovery process and share your experiences, we invite you to complete this short screening survey. If your responses match the persona we are looking for, you'll receive a link to schedule a call at your convenience. We look forward to hearing from you!
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.

Question Suggestion for better explanation of password reset dialog

Bitpalast

Bitpalast

Plesk addicted!
Plesk Guru
Basically all customers who try to reset their Plesk login password fail, because they do not understand the requirements for the new password. Part of the customers does not know their own user name - o.k., that's normally the case -, but the remaining some try to enter a new password but fail, because they choose insecure passwords, too short passwords, passwords without special characters and so on ...

I suggest to add an explanation to the dialog where a customer can choose a new password how the password must be built, e.g.

- must contain at last a letter and a digit
- must be n characters long
- must contain at least one special character
...

This of course must depend on the security requirements that the administrator has set in the back office.
 
These requirements are already described in Password strength notes in Security Policy.
 
Sorry for my insufficient explanation. I mean the password reset dialog that a user sees when he cannot login into Plesk any more. The user can request a new password by entering his e-mail address and his user name. Plesk sends a password reset confirmation mail to the user. When the user clicks on the link in that mail he is forwarded to a page where he can enter a new password. On that page however, no requirements are mentioned. Our users then normally try passwords of their choice, not watching proper length or characters.

It would be very helpful if on the actual password reset page where customers must enter a new password the software could display the minimum requirements. It does on the administration page, but it does not on the actual page where a new password must be entered. So people always call support for that, because they don't know how their new password should look like. They enter something and the system only denies setting the new password. People don't know why, neither have a hint before they enter a new password.
 
You must log in or register to reply here.

Similar threads

G
Resolved Cannot create user "The password length must be between 5 and 255 characters"
Replies
10
Views
2K
Kaspar
K
M
Question Valid passwords for accessing mailboxes with iOS Mail
Replies
0
Views
1K
Mag Serv
M
Bitpalast
Resolved Issue with website restore from Plesk backup "Access denied for user 'backup_vwcor4b'@'localhost' (using password: YES)"
Replies
2
Views
1K
Bitpalast
Bitpalast
Bitpalast
Input Please vote for a feature to solve this for good: Email login fails with "failed auth" despite correct password from some Android, iPhone, Outlook
Replies
2
Views
2K
Bitpalast
Bitpalast
Denis Gomes Franco
Resolved Learn from my mistakes...
Replies
6
Views
3K
weltonw
W
Back
Top