Support » Plugin: UpdraftPlus WordPress Backup Plugin » Security enhancement: Don’t show password in web interface

  • Resolved theemstra



    It’d be great if the password that has been entered cannot be retrieved from the web interface. As you can see here and here, the password is actually written.

    So my request:
    Please do not load the password from the configuration into the web interface, only allow it to be changed by overwriting the old password.

Viewing 1 replies (of 1 total)
  • Plugin Author David Anderson



    That would not gain you anything… you’re talking about someone who has access to your UpdraftPlus page as an admin on your WP install. They can already download the WordPress database backup and read it (and everything else) out of there. Or they could use the “Export settings” facility in the “Advanced Tools” tab and get it from there.

    The best thing to do is not give WP admin credentials to people who can’t be trusted. Failing that, you can lock them out of your settings page with this add-on: .


Viewing 1 replies (of 1 total)
  • The topic ‘Security enhancement: Don’t show password in web interface’ is closed to new replies.