New Password Rotation Polices

UPDATE:

I would like to thank all the clients that have reached out in both support of and against this issue. Please review the latest update concerning this policy.


Dear TCH Family,

TCH takes security very seriously and we are always looking at ways to improve the security for our internal infrastructure and for our client’s web presence. In an ongoing effort to provide our clients with the most secure environment possible we are enforcing the following new password rotation rules.

Effective immediately, every shared and reseller hosting client upon their next login to cPanel will be prompted to change/update their user passwords.  You will not be able to utilize your old password during this new password update.  Once this is completed, users will then be prompted every 180 days to once again rotate their passwords.

We would suggest you implement at a minimum, an 8 character long password with combinations of upper/lowercase, number and special characters.

We believe this new policy will insure that the hosting environment provided to our clients will become more secure.  This will also promote password security that will hopefully pass down to the way all users handle their passwords not only here at TCH but overall.

As always we appreciate your business and look forward to providing our clients many more years of happy hosting!

Thank you

Bill Kish
TotalChoice Hosting

Share Button

12 thoughts on “New Password Rotation Polices

  1. This is ridiculous. What is so magic about 180 days?
    Why not 100 days, or 1800 days, or perhaps 8 hours?
    If login is secure then it is secure, if it’s not it’s not.
    You seem to enjoy inconveniencing your customers.

  2. In response to zndxlulp! If your hosting on the same server that my account is on, please go find a new host. I love this change and think security is more important than listneing to your whiney little stupid rant. Change your password twice a year is a bad thing? what drug you smoking pal? I dont get people that like to complain about security and then complain when their shit gets hacked.

  3. Really, the wonderful secure system has just crashed and locked me out!

    This change doesn’t help security, when TCH logs me in it is via an unsecured site – the password is sent in clear, brilliant secure 6 month old password that can be read in transit!!

    Don’t talk about things you don’t know about.

  4. I agree with John. The help site that I log into is via SSL. The live chat that I used today was over SSL. Personally zndxlulp, you sound like a radical looser that has run out of people to whine to. I have been with TCH for 9 years. I have never had a issue with my password. TCH is a great host. I submitted a ticket last night at 4:25am and the owner himself answered it within 10 minutes and the issue was resolved. TCH ROCKS and you do not!

  5. I’m no whiner, but I have a sort of innate resistance to this kind of thing, especially this part:

    “hopefully pass down to the way all users handle their passwords not only here at TCH but overall”

    Sounds condescending.

    TCH is the best host out there, and I’m not going anywhere, but I’d prefer to be treated by companies I do business with as someone who knows what he’s doing, unless I prove otherwise.

  6. That the help site is ssl is not particularly relevant, it’s the main site that counts.
    I haven’t had an issue with my password either until suddenly today access was not available due to a mistake by TCH.

    Since my email was blocked, TCH sending a solution to my email address was stupid. The owner claimed to have replied in 2 minutes, but that’s no help when he knew I couldn’t read it since he was blocking my access to email!!

    I don’t normally complain but when TCH waste my time like this for the second time someone needs to tell them, enough is enough.

  7. I changed my password is about a minute. If you were locked out it was not because of an error on total choices servers. Maybe your just a moron?

  8. Some of these comments are just laughable.

    @stevesh – How is that condescending? Did you miss the word “promote”? You know promote, as in to support or encourage? Well I hope to promote all of you to brush your teeth twice a day. Oh No! Does that automatically imply that you don’t brush your teeth? Damn now I think my dentist has been condescending all these years!

    @zndxlulp – Blocked email? Do you expect all of us to believe that you have only one email address? Now that’s what I would call stupid! What ISP doesn’t provide an email address these days? That damn interweb sure is confusing eh?

  9. Joe Simmons you are the moron.
    TCH have 2 errors, the first which THEY have noted in their second news note – “that clients are trying to log in to their webmail and they are getting errors whilst trying to change their password”. Being a moron you can’t understand a simple note like that.

  10. Clint R. you seem to be confused.
    Who said anything about one email address? TCH sent the email to the blocked address, they did not notify me by the alternative I gave them in my query!!

    Don’t talk about things you don’t know about.

  11. I’ve been around here long enough to remember when a guy could post an opinion in the forums without being insulted. Apparently that policy has changed, too. That’s a shame.

  12. I agree it is a shame stevesh.
    When I queried the 180 days I expected we might have had a useful discussion on improving security.

    Since the login is not secure having a changing password is rather like putting 180 locks on the front door of a house but leaving the windows and back door open.

    I will leave the forum to the insulters.