You should change your server root password occasionally to maximize your site security. You should always change this password if you think someone else has access to your WebHost Manager account.
NOTE: Do not give out your root password to anyone that does not absolutely need it. If you are to give out your route password to cPanel, or other staff, please verify their email address before you give them the password. Your password should not contain dictionary words and should be a combination of letters, numbers, and special characters.