If you are a provider, selling VPS for the general public this very simple but yet extremly effective WHMCS hack from Joe Dougherty @ Securedragon (known as KuJoe on Lowendtalk and ZKuJoe on WHT) is recommended for all of you.
This hack doesn’t allow the end-user to select their VPS password but instead generates a random one for the user.
This does not only fix the problem with users choosing a too-simple password, but also the users that actually sets a password with certain special characters that would break SolusVM’s API and cause your VPS to be created without an IP assigned to it.
/templates/orderforms/<template you are using>/configureproduct.tpl
for your convenience here is a link to a textfile with both lines.
(WordPress does have a problem pasting this code 🙂 )