WordPress.org

Ready to get started?Download WordPress

Forums

Easy WP SMTP
pwd stored in the clear (3 posts)

  1. Andrzej
    Member
    Posted 8 months ago #

    It appears that the plugin stores the password in-the-clear. Is there any way to encrypt it - just in case someone gets access to the WP database?

    Otherwise, thanks for the nice plugin. Worked first time out of the box :)

    http://wordpress.org/plugins/easy-wp-smtp/

  2. PaulMighty
    Member
    Posted 6 months ago #

    I second that request! The WP Mail SMTP plugin also has this issue:
    http://wordpress.org/support/topic/suggestion-hide-stmp-password

    Bummer,
    -PaulMighty

  3. floatingpointmatt
    Member
    Posted 1 week ago #

    This still appears to be the case, and despite arguments to the contrary, WP stores user passwords encrypted so that in the event the database is exposed (even if WP is not compromised) it's not a cake walk for whoever sees the data to use the information.

    A possible solution can be found here:

    http://wordpress.stackexchange.com/a/25792

    Something like this creates concerns about using the plugin.

    (I don't use the feature, but don't want to be put in a position where I need SMTP authentication and know the potential for avoidable mishap is present.)

Reply

You must log in to post.

About this Plugin

About this Topic