Thank you for visiting the Rackspace Community
The The Community is live! Post new content or topics so our teams can assist.

Please contact your support team if you have a question or need assistance for any Rackspace products, services, or articles.

24 character passwords


I went to login to my Cloud Server today and was greeted by the following:

There were 17818 failed login attempts since the last successful login.

Seeing this message never fails to remind me that any device connected to the internet is a target. Somebody, somewhere, really, really wants to get into your server. Either to control it, or to see what information is available within. The other thing to keep in mind is that the responsibility of securing your Cloud Server rests squarely on your shoulders. If your server is compromised and hosts a public ftp site, guess who's footing the bandwidth bill?

The only aspect of server security that Rackspace controls is the initial administrative user ( root, administrator, etc. ) account's password. To that end, Rackspace is changing the criteria it uses to create those  passwords from 12 characters to 24. Since there are roughly 70 ( 52 upper/lower case, 10 numeric, 8 special ) characters available for use in your password, we've increased the possible number of combinations by about one and a quarter sextillion.

Now that your server can exist for some time without its administrative password being brute forced, its time to make your server secure. See https://support.rackspace.com/how-to/configuring-basic-security/ for Linux servers. See https://support.rackspace.com/how-to/windows-server-security-best-practices/ for Windows servers.