A single cPanel account can be accessed through several passwords available on the server.
By default, when installing the cPanel Software, the following Tweak Settings configuration:
"Accounts that can access a cPanel user account"
Is set to:
"Root, Account-Owner, and cPanel User"
This would ultimately mean that the Root and Reseller(s) can use their passwords to access the cPanel account that they own. Because of this, a cPanel account can be accessed through 3 passwords.
In order to work around this, the above configuration under the "Tweak Settings" page in WHM, would need to be disabled or reconfigured for a different set of users. Another option would be changing the Reseller or Root password if the cPanel user already knows of the password.