Why not encrypt the password? | WordPress.org

chrisrollins
(@chrisrollins)

4 years, 3 months ago

Is there any reason you don’t encrypt passwords before storing them in the database?

The one reason I’ve decided not to use this plugin is because it stores the mail password in plain text.

There are so many great resources that make it a trivial matter to encrypt/decrypt information quickly that I’m having a hard time understanding why you don’t take this simple yet important security measure.

Viewing 1 replies (of 1 total)

Sanjeev Aryal
(@sanzeeb3)

4 years, 3 months ago

HI @chrisrollins, @chrisrollins,

I apologize for any confusion. We need to store the password in clear text because we need to send this password to SMTP Host server in clear text. Reversible password hashing technique does not work in this case.

In case it helps, you can secure your settings by using constants. We have documentation for defining constants.

I hope this helps!

Viewing 1 replies (of 1 total)

The topic ‘Why not encrypt the password?’ is closed to new replies.

Tags

password

In: Plugins
1 reply
3 participants
Last reply from: Sanjeev Aryal
Last activity: 4 years, 3 months ago
Status: not a support question