Plain Text Password

  • Resolved RafaelDeJongh

    (@rafaeldejongh)


    7 years, 10 months ago

    I find the plain text password quite unpractical in case someone might look over your shoulder, while I completely understand to why this has to be in plain text to be then encrypted in the database and what not, I do am wondering why you’re not changing the type from this input field to password? As in:

    <input name=”smtp_pass” type=”password” id=”smtp_pass” value=”” size=”40″ class=”code”>

    This will still parse the password as plain text to the database, but will prevent overlooker to actually see the password.

    I’ve personally changed this to the plugin for personal use, but I would love to actually see this being changed for the official release so that it’s just a tiny bit more secure for those who don’t know how to retrieve such password.

Viewing 2 replies - 1 through 2 (of 2 total)

  • It’s not “a tiny bit more secure”, it would just look more secure which is a bad thing. I want users to be clear that the password must be stored in plain text for the plugin to work.

    Thread Starter RafaelDeJongh

    (@rafaeldejongh)

    Yea with the message that’s quite clear, it could be just a layer for non tech-savvy people to not directly see/copy the current plain text password.

    Even if it still gets stored as plain text in the database, having it open like this just feels bad in a way :/

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Plain Text Password’ is closed to new replies.