Password security

Discussion in '3CX Phone System - General' started by pks-team, Apr 26, 2015.

Thread Status:
Not open for further replies.
  1. pks-team

    Joined:
    Dec 7, 2012
    Messages:
    24
    Likes Received:
    0
    Hello,

    I am trying to find a way to influence the automatic created Passwords when provisioning phones. Currently it is 7 characters (lowercase and numbers). I would like to extend to 12 positions with Upper/lowercase, numbers and symbols.

    Is there a way to configure this?

    Regards

    Norbert
     
  2. leejor

    leejor Well-Known Member

    Joined:
    Jan 22, 2008
    Messages:
    10,360
    Likes Received:
    226
    I do not recall seeing anything previously about changing the length of auto-generated passwords.
    Some SIP devices may have a limitation, and this is why the length was chosen.

    What would be the reason for changing this? With SIP, and the security settings within 3CX, a Hacker is only given set number of attempts (certainly not enough to run though all possible passwords) before the originating IP is blacklisted. 3CX will also notify, by email, when this occurs. Users that have reported hacking have usually been using manually created, easy to guess, passwords (such as using the extension number as the password).

    Other passwords generated by 3CX, would not be guessed, even if you verbally gave someone a password, to provision a set manually.
     
  3. pks-team

    Joined:
    Dec 7, 2012
    Messages:
    24
    Likes Received:
    0
    Hi,

    I guess I am being too careful/prudent.

    Norbert
     
Thread Status:
Not open for further replies.