Webmail login page: add "safe word"

voidzero

voidzero

Member
May 12, 2017
10
2
53
NL
cPanel Access Level
Root Administrator
Hi, I would like to be able to change the webmail login-page slightly, in that I'd like to add a safe-word to it.

There are a lot of fraudulent websites and there is a big risk that someone unwittingly fills in their username/password to a phishing website. With a safe-word, this risk could be somewhat reduced. For example, I can tell my clients that they should not fill in a cpanel or webmail page unless they see the safe-word "Nebraska" on that login-page.

Hope you like my idea. I know it's not perfect, but at least it's one extra measure against phishing attempts. Ideally the safe-word would be domain-specific, in order to thwart reconaissance somewhat (although they can still link webmail pages to IP addresses).
 
vanessa

vanessa

Well-Known Member
PartnerNOC
Sep 26, 2006
959
76
178
Virginia Beach, VA
cPanel Access Level
DataCenter Provider
why not just have them ensure they are logging into the correct webmail URL? it's much easier for them to verify the site, and if your safe word is present on the site and someone wanted to duplicate your webmail login, don't you think they'd copy that?
 
  • Like
Reactions: voidzero
voidzero

voidzero

Member
May 12, 2017
10
2
53
NL
cPanel Access Level
Root Administrator
vanessa said:
why not just have them ensure they are logging into the correct webmail URL? it's much easier for them to verify the site, and if your safe word is present on the site and someone wanted to duplicate your webmail login, don't you think they'd copy that?
Click to expand...
Hi Vanessa, thanks for responding. Yes, URL verification is important too (even more so indeed).

About duplicating the site – this is not to counter specifically targeted attacks but for generic phishing mails that make use of generic cpanel spoofing.

I'm working with some users that are 70+ years old, bless their hearts. I need something extra to counter "but the email looked so convincing" type of arguments. "did you verify the URL" is more complicated to them than "was the safe word there when you logged in?"
 
Last edited:
You must log in or register to reply here.
Thread starter Similar threads Forum Replies Date
A How to make Webmail Home Page the Default at login? Email 5
G SOLVED Can't login to WebMail: "The page isn’t redirecting properly" Email 11
I Webmail Login Success But Redirect to Roundcube Login Page Email 13
C godaddy webmail login page Email 4
T Skip the page after webmail login. Email 3
Similar threads
How to make Webmail Home Page the Default at login?
SOLVED Can't login to WebMail: "The page isn’t redirecting properly"
Webmail Login Success But Redirect to Roundcube Login Page
godaddy webmail login page
Skip the page after webmail login.
Top Bottom