Viewing 15 replies - 1 through 15 (of 17 total)
  • Yeah, that’s my suggestion too. It’d be great if the password field was obscured.

    If you really want to hide password from admin you can edit
    /wp-content/plugins/wp-mail-smtp/wp_mail_smtp.php
    on line 305
    change line
    <td><input name="smtp_pass" type="text" id="smtp_pass" value="<?php print(get_option('smtp_pass')); ?>" size="40" class="code" /></td>

    to
    <td><input name="smtp_pass" type="password" id="smtp_pass" value="<?php print(get_option('smtp_pass')); ?>" size="40" class="code" /></td>

    Anyway, anybody who just check source code will be able to see password easily. Also this change will be lost after plugin will update in future.

    In this case maybe better solution will be add this to your config.php file
    define(‘WPMS_ON’, true);
    define(‘WPMS_MAIL_FROM’, ‘From Email’);
    define(‘WPMS_MAIL_FROM_NAME’, ‘From Name’);
    define(‘WPMS_MAILER’, ‘smtp’); // Possible values ‘smtp’, ‘mail’, or ‘sendmail’
    define(‘WPMS_SET_RETURN_PATH’, ‘false’); // Sets $phpmailer->Sender if true
    define(‘WPMS_SMTP_HOST’, ‘localhost’); // The SMTP mail host
    define(‘WPMS_SMTP_PORT’, 25); // The SMTP server port number
    define(‘WPMS_SSL’, ”); // Possible values ”, ‘ssl’, ‘tls’ – note TLS is not STARTTLS
    define(‘WPMS_SMTP_AUTH’, true); // True turns on SMTP authentication, false turns it off
    define(‘WPMS_SMTP_USER’, ‘username’); // SMTP authentication username, only used if WPMS_SMTP_AUTH is true
    define(‘WPMS_SMTP_PASS’, ‘password’); // SMTP authentication password, only used if WPMS_SMTP_AUTH is true
    */

    With correct details. This will disable completely admin area of this plugin, so it will be hidden in your config.php file.

    Also keep in mind, that password with smtp for regular email is not the best way how to handle transactional emails for your site.
    Check Mandrill which use api key and give you 2000 free emails per month and it works well with this plugin. It is high quality solution for transactional emails available now.

    Thread Starter developer

    (@yammy)

    Hmm right, can I then add only the password define into the config, remove the password field from from, but leave the rest ?

    It’d be better if you could also put an md5 hash on the password, then nobody could figure it out looking in the form source. =]

    It’s just for a contact form, then I can use the site server as mailer, but thanks for the mailing suggestion, i will have it annotated here 😉

    Doesn’t WP Mail SMTP have a debug output? The password is still in the SMTP session transcript, no matter what you do.

    Good point Jason, that would need to be obscured too, but then to the casual observer the password wouldn’t be visible.

    I say you’re all attacking this from the wrong angle. The real question is why are you letting users you don’t trust have admin access to your site??

    We build sites for customers who then want to make their own changes – I’d like to hide that password from those users.

    Then those customers should input their own SMTP settings. Right?

    Graham, is your case a WPMU network? Where all subsites use the network config?

    We relay all e-mails through SendGrid which allows us to troubleshoot routing issues and check when a customer should have received a certain enquiry, etc.
    When we create a new WordPress site it’s done using Duplicator to reduce the time taken, and in that ‘template’ we have the SMTP password. I suppose the ideal option would be for each customer to have their own password in SendGrid. That would work for us, but maybe not everyone else.

    That idea has prompted me to dig further in SendGrid and I found new options that allow me to create multiple user accounts to route mail.

    Much better.

    Thread Starter developer

    (@yammy)

    Well, wathever the smtp mailer is, hidding the password is just a matter of security, in fact this is the first form with a password field that actually display it in plain text, that I have ever seen in a wordpress plugin. This is the first not paranoic developer I have found. :]

    yammy this is open source … nothing to hide 😀

    Fill password to any third party app is not secure at all. For this purpose exist OAuth or Api key.

    I have to agree with Peter, @yammy. Hiding the password, in this scenario, does nothing to improve your security. In fact, it lulls you into a false sense of security which is worse.

    The author of this plugin already explained his position on why the password is in cleartext, and IMHO he’s 100% correct: https://wordpress.org/support/topic/works-as-it-should?replies=3#post-3918398

    Offline-authentication was never meant for use on shared, multi-user systems.

    Thread Starter developer

    (@yammy)

    So.. Hmm.. He claims that can’t use encription. But can’t you just save the password with md5 hash in database, and then retrieving it with md5 decrypt, before sending to smtp ?

    For example, wordpress user does that. Why can’t the plugin do the same ? Is it any specific issue with smtp authentication ?

    []s

Viewing 15 replies - 1 through 15 (of 17 total)

The topic ‘open password field – please don't !’ is closed to new replies.