We get many service requests with passwords that are 10-20 even 50 characters long. For some reason, people think that the larger the password the harder it is to crack. While this is theoretically true, in practice, any password longer than 12 characters is sufficient. What people do not realize is that if you send a 20-character password over a clear text protocol it is just as easy to sniff off the network as a much shorter password. You can have a great password policy but if you are transmitting your passwords in plain text, then they are vulnerable to packet sniffers. If your server is located in a hostile network, such as a leased system at a server provider, then a nearby system could be used to sniff your data.
For years people have warned against using telnet as it sends your passwords in plain text. I have seen large institutions completely remove telnet from their operations, but fail to completely eliminate clear text protocols. Popular clear text protocols include: FTP, Telnet, POP3, IMAP, and SMTP. The most frequently used clear text protocol is not telnet but POP3. If you have a standard POP3 account, you are sending your password as plain text every few minutes. If you are checking an "admin" email account, then an attacker could obtain your password using any number of easy to use packet sniffers.
Fortunately, for most services, secure SSL encrypted options exist. Everyone is familiar with HTTPS, but you can also use POP3S, IMAPS, and SMTPS.
All of these email protocols encrypt your communications over SSL, thus hiding your password from prying eyes. Recent versions of popular control panels like CPANEL, Plesk and Ensim support secure alternatives to standard email protocols. The implementations vary and you may need to get an SSL certificate, but for the most part, you can easily switch from using plain text protocols to secure ones.
We recommend that all clients to begin a migration to secure communication methods. Ideally, we would like to see plain text protocols eliminated all together from a server. This includes FTP. Many newer FTP clients also include a SFTP or secure-FTP option. The clients vary but these are using either SSH's secure file transfer capability or an SSL encrypted FTP channel. Both of which provide secure communications between the client and server. Eliminating clear text protocols is just one of several steps in securing your network operations.
See Ohio State's help page for information on how to enable POP3S and IMAPS support in Outlook.
A quick search on Google will net you several other references and how-tos.
