Enforcing Strong Passwords¶
Ensuring that users create strong passwords is crucial to ensuring the security of InterWorx. From the Settings page in NodeWorx, system administrators are able to set a required password strength for the accounts and users on their server.
Contents
Accounts Subject to the Required Password Strength¶
NodeWorx users
SiteWorx users
SiteWorx FTP accounts
SiteWorx mailboxes
Shell user passwords
MySQL root password
SiteWorx MySQL users
Generally, if it is a password that is configured from within the InterWorx control panel, InterWorx can enforce the password policy.
Warning
The required password strength policy does not, and cannot, enforce password strength on third-party software, such as WordPress.
The Password Strength Levels¶
Weak: At least 7 characters
Medium: At least 7 characters with uppercase/lowercase mix OR at least 12 characters
Strong: At least 7 characters with uppercase/lowercase mix that contains at least one number OR at least 12 characters with at least one number
Very Strong: At least 12 characters with uppercase/lowercase mix that contains a number or special character (!,@,#,$,%,^,&,*,?,_,~,-,£,(,))
Note
Common passwords are also blocked from use. For a list of blocked common
passwords see /home/interworx/lib/dict/commonpasswords
To Set A Required Password Strength¶
Log into NodeWorx from the browser (https://ip.ad.dr.ess:2443/nodeworx)
In NodeWorx navigate to Server > Settings
Under Password Options, select the desired password strength from the Required Password Strength dropdown
Click Save