How to Reset cPanel Password From WHM

Resetting a cPanel password from WHM is an essential skill for web hosting providers and resellers. Whether it is for security reasons or simply regaining access, WHM makes it easy to manage passwords across multiple cPanel accounts.

Verpex Hosting, known for its robust cPanel and WHM support, ensures a smooth and secure password management experience.In this guide, you will learn how to reset cPanel passwords through WHM, helping you maintain both security and seamless account access.

WHM (Web Host Manager) is the administrative interface used for managing servers, allowing administrators to oversee multiple cPanel accounts, perform server maintenance, and configure hosting environments.

Unlike cPanel, which is designed for individual website management, WHM provides more advanced control over server-wide settings, including creating and managing cPanel accounts.

WHM and cPanel work together, with WHM offering web hosting providers and resellers the ability to manage and allocate resources to their clients’ cPanel accounts, ensuring efficient server and account management.

• Forgotten Password: A forgotten cPanel password can prevent access to a hosting account, especially for infrequent users. Resetting the password restores access.

• Security Breach: A compromised hosting account due to a weak or stolen password needs an immediate reset to prevent unauthorised access and protect sensitive data. Use a strong, new password.

• Account Lockout: Repeated incorrect login attempts lock out a user, necessitating a password reset. This security measure prevents brute-force attacks. Resetting the password unlocks the account.

• Employee Turnover: When a website administrator or employee leaves, their cPanel access is revoked and reassigned. The password is reset to ensure security, and new credentials are issued to the replacement administrator.

• Password Expiration Policy: Hosting providers enforce password expiration policies for security. When a password expires, the user must reset it to maintain access. This ensures regularly updated, strong passwords.

1. WHM Access: To reset a cPanel password, you need valid WHM (Web Host Manager) credentials. WHM access is usually granted to hosting providers and resellers, ensuring you have the necessary permissions.

2. Root or Reseller Privileges: Root or reseller privileges in WHM are required to reset cPanel passwords. These permissions allow you to manage and modify cPanel accounts. Without them, cPanel password resets are not possible.

3. cPanel Account Information: Knowing the username or domain linked to the cPanel account you want to reset ensures you can locate and manage the correct account. The account must exist and be active in WHM.

4. Valid Email Address: A valid email address associated with the cPanel account is required to receive the new password or reset instructions, ensuring the account owner can regain access.

5. Two-Factor Authentication: If two-factor authentication (2FA) is enabled, completing the 2FA process may be required to reset the password, adding extra security. However, 2FA can be bypassed with the appropriate permissions.

Step 1: Log in to WHM

Access WHM with your root or reseller username and password. Ensure you have the necessary privileges to manage cPanel accounts. This logs you into the WHM dashboard.

Step 2: Navigate to Account Information

Click on "Account Information" or "List Accounts" to view a list of cPanel accounts. This section displays all cPanel accounts under your WHM. Find the account you want to reset.

Step 3: Select the cPanel Account

Click on the desired cPanel account's username or domain. This opens the account's management page. Verify you have selected the correct account.

Step 4: Reset Password Option

Click on the "Reset Password" or "Change Password" button. This option may be located under "Account Functions" or "Security". Confirm you want to reset the password.

Step 5: Enter New Password

Enter a strong, new password for the cPanel account. Ensure it meets the password strength requirements. You may need to enter the password twice for confirmation.

Step 6: Save Changes

Click "Save" or "Change Password" to apply the new cPanel password. WHM updates the cPanel account's password. The account owner can now log in with the new password.

Step 7: Notify Account Owner

Immediately inform the cPanel account owner of the new password to ensure a smooth transition. For security reasons, communicate promptly to keep them updated and facilitate any necessary changes.

• Check Email Confirmation: After resetting the cPanel password from WHM, verify that you receive an email confirmation from WHM with the new password details. This email confirms that the reset was successful and provides the new credentials for access.

• Log in to cPanel: Use the new password to log in to the cPanel interface and ensure that you can access all the necessary features. If you encounter any issues, double-check that the new password was entered correctly.

• Update Saved Passwords: If you use a password manager or have saved the old credentials somewhere, update it with the new password. This ensures that your records are current and prevents any future login issues.

• Test Access to Key Features: Verify that key cPanel functions, such as email setup, file management, and database access, are working correctly with the new password. This ensures that the reset did not inadvertently affect your ability to manage your account.

• Inform Relevant Parties: If multiple users or administrators have access to the cPanel, notify them of the password change. This prevents confusion and ensures everyone has the correct access to the cPanel features.

1. Password Generator: WHM generates strong, unique passwords for cPanel accounts, meeting security standards and minimising weak passwords. These passwords are applicable to both new and existing accounts.

2. Password Strength Checker: This tool assesses password strength for cPanel accounts, evaluating complexity and length, and offers recommendations to address weak passwords.

3. Two-Factor Authentication (2FA) Manager: WHM's 2FA manager adds an extra security layer by requiring a second verification form, configurable for individual or all accounts.

4. Password Expiration Policy: This tool enforces a password expiration period for cPanel accounts, ensuring regular updates to maintain security.

5. Password Modification History: WHM logs changes to cPanel account passwords, providing a history for auditing or troubleshooting potential security issues.

• Configure Firewall and Security Settings: Review and configure the account's firewall and security settings to restrict access and prevent unauthorised connections. This adds an extra layer of protection.

• Update Account Information: Verify and update the account's contact information, such as email addresses and phone numbers. This ensures that important security notifications and alerts reach the account owner.

• Review Account Permissions: Assess and adjust permissions for the cPanel account, ensuring that only necessary privileges are granted. This prevents unauthorised access and minimises potential damage.

• Scan for Malware and Vulnerabilities: Perform a thorough scan of the account's files and databases to detect and remove any malware or vulnerabilities. This helps prevent exploitation and ensures a clean slate.

• Monitor Account Activity: Closely monitor the account's activity, watching for suspicious behavior or unauthorised access attempts. This enables swift response to potential security incidents and prevents further compromise.

1. Password Reset Failure: If the password reset fails, check if the account is suspended or terminated. Ensure that the new password meets the password strength requirements. Verify that the email address associated with the account is valid and receiving emails.

2. Incorrect Password Error: If the new password is not accepted, double-check that the password meets the strength requirements. Ensure that the password is entered correctly, without typos or extra spaces. Try resetting the password again, using a different password.

3. Account Lockout: If the account is locked out due to excessive login attempts, wait for the lockout period to expire or contact the hosting provider to reset the lockout. Ensure that the correct login credentials are used to avoid further lockouts.

4. Email Notification Issues: If the password reset email is not received, check the email address associated with the account for accuracy. Verify that the email account is not full or blocked. Check the spam or junk folder for the password reset email.

5. WHM or cPanel Access Issues: If WHM or cPanel access is denied after a password reset, ensure that the correct login credentials are used. Check that the account has the necessary permissions and privileges. Contact the hosting provider if access issues persist.

• Use Strong Passwords: Use complex passwords with at least 12 characters, combining uppercase and lowercase letters, numbers, and special characters. This makes it harder for unauthorised users to guess or crack.

• Unique Passwords for Each Account: Opt for unique passwords for each cPanel account to prevent a single breach from compromising multiple accounts. This way, even if one password is compromised, the others remain secure.

• Regular Password Rotation: Update cPanel passwords every 60-90 days to enhance security and minimise exposure. This practice limits potential damage from compromised passwords and lowers the risk of unauthorised access.

• Password Storage and Management: Use a secure password manager to store and generate strong passwords for cPanel accounts. This helps keep passwords organised, secure, and easily accessible.

• Limit Access and Privileges: Limit cPanel access and privileges to essential users and functions to prevent unauthorised changes, reduce the attack surface, and maintain account security.

When you use WHM to reset cPanel passwords, you've taken an important step in enhancing the security of your hosting environment. This process simplifies account management and fortifies your defenses against unauthorised access.

As you continue exploring WHM's extensive features, remember that maintaining a secure hosting environment relies on implementing strong security measures and consistently updating your cPanel passwords. Regular password updates are essential for protecting your digital assets and ensuring ongoing security and efficiency in your hosting setup.