How does KH protect our root password?

[RSS-Artie]

Hello,

In light of recent social engineering hacking at WHMCS, I would like to understand how KH protects our root password, and how requests for changing or a reset are handled.

Thanks.

 

[KH-Paul]

Password reset request must be received from one out of two authorized email addresses on file.

 

[RSS-Artie]

What if the billing login is hjacked and the emails are changed?

Is there anyway to enable additional security measures?

 

[KH-Paul]

Request authentication for password reset is done based on the email address of whoever created ticket. As for billing information - please feel free to open a ticket with the billing team to discuss this.