• Resolved Alwin

    (@wp-opti)


    I like to use the SMTP mailserver from my webhost. To do so I have to enter my username and password in the Post SMTP settings.

    In other SMTP plugins the password is protected:

    – in WP Mail SMTP the password can be stored in wp-config
    – in Easy WP SMTP the passowrd can be stored with encryption in the database

    But in Post SMTP I see no option to protect my SMTP password?

Viewing 4 replies - 1 through 4 (of 4 total)
  • Thread Starter Alwin

    (@wp-opti)

    Thank you for the link yehudah! One more question:

    How exactly does storing the username/password in wp-config increase the security?

    I am the only user who is logging in at the wp admin from my websites. However, when my website would get hacked then the hacker also has access to my wp-config file and then also to the username/password stored in there?

    So is storing username/password in wp-config only helpfull when I would have more wordpress users logging in at the admin?

    it depends on the hacking, I guess that file system hacking is harder to implement.
    In the case of full website hacking, nothing will help you and none of the plugins you mention.

    The only thing I can think of is using OAuth – supported by Google and maybe other providers.

    Thread Starter Alwin

    (@wp-opti)

    Thank you for your help!

    One last question about this:

    I want to keep using the SMTP server from my webhost. Would it not be a good idea when I setup a specific domain name with an email address that I only use for the SMTP authentication settings in Post SMTP?

    This specific domain name/email address is then only used for this and nothing else. The domain has no website, just the email address, which is only used for the SMTP authentication settings in Post SMTP on all my websites.

    This way, when one of my websites would get hacked and the hacker would get access to the username/password of this email address it is no problem for me, because I can easily delete the email address and set up a new one (with antoher domain) for this purpose.

    At this moment I am using email addressess with the same domain has the websites main domain. When it would get hacked then the hacker could get access to the mailbox and sent out a lot of spam which will hurt the domain name reputation a lot of course.

    So do you think using a specific email address for the SMTP authentication would indeed increase my security?

    Thank you ??

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘Protect SMTP password?’ is closed to new replies.