Openprovider has enacted a new password expiration policy to ensure the safety of our customers’s data. From May 10 on, user passwords will expire every 180 days. When a user signs into the Reseller Control Panel with an expired password, they will be prompted to create a new password.
Previously, changing the password at the prompt was optional, but in the interest of increased security, we have decided to make it mandatory.
API
Our platform supports two options for API authentication: your username with either your password or with password hash. Please see our API Documentation for more details.
Please note that every time you change your password in the Reseller Control Panel, a new hash value will be generated for the corresponding username. If your hash expires (every 180 days), your API calls will fail and return an authentication error.
Some other reasons to change your password/password hash
With our new password expiration policy, we will ask you every 180 days to change your password. But there might be reasons why you would like to change your password more often. These could include;
- If you saw someone looking over your shoulder as you were typing your password;
- If you have a reason to believe your password has been stolen;
- If you shared your password with a friend or colleague;
- If your current password is weak;
- If it will make you feel better or if you just feel like it’s time for a change.
If any of these apply to you, then by all means go ahead and change your password and password hash!
Future plans
By the end of May 2017, we will be providing you more control over which of your contacts have API access. By default, API access for newly created accounts will not be active. To enable API access for a given contact, the administrator contact must explicitly enable API access. Once this feature is available, we will make an additional announcement for you to review which of your contacts are actually used for API integrations, and advise you to switch off access for others.
For more information about this topic, please take a look at our recent blog post about security.