SMTP Password is stored in clear (2 posts)

  1. ted_smith
    Posted 3 years ago #


    The SMTP Authentication password appears in plain text in the settings. Is the password then transmitted in a "public" way? i.e. if the site is used over http instead of https, is there a realistic possibility that without too much difficulty the password could be seen by anyone using my contact form? Or would they only be able to do so if they had compromised my system or my network etc in the first place? What I'm getting at is, could Joe Public see this password just by visiting my website?


  2. andrew_wilkes
    Posted 3 years ago #

    The password is transmitted from the web server of the website to the SMTP server, so Joe Public cannot see it since he is connected to the web site via another path.

    As Joe Public, all you can see is the web page source or data traffic between your browser and the website server (if you use a packet sniffing tool such as WireShark).

Topic Closed

This topic has been closed to new replies.

About this Plugin

  • WP Mail SMTP
  • Frequently Asked Questions
  • Support Threads
  • Reviews

About this Topic