- Jan 04, 2013
- by Brad Litwin
Password strength requirements are increasing. Please inform all email users on your account.
As part of our Perpetual Security program, we have increased password strength requirements. When you change your password, a minimum password strength of 50 is required.
Starting Monday, we will also check all logins against a dictionary. Passwords that are too simple such as ‘password’ or ‘123456’ will be changed to a random string during the login and the email administrator for the account must set a new password to regain access. An email will be sent whenever an email password is changed by this program. Follow the instructions in our KB article to change passwords in advance of the new requirements.
During testing, we found these simple passwords to be used primarily on addresses like [email protected] and other addresses that are not typically assigned to individuals, so this change is likely to cause little disruption for most email users. This change does not prevent any account from receiving mail. It only safeguards email accounts from sending by unauthorized users.
By increasing password security there will be less abuse of easily accessed accounts by spammers and reduced chance of your server getting on a block list. We are sure you will agree that is a result worth the effort. Thank you for your cooperation in making your server more secure and ensuring reliable email delivery.
A2 Hosting Support