Any chance of encrypting the passwords used for logging into POP accounts in a future update? Having had my server hacked last night I don't like seeing the passwords for all to see listed in the admin.
Re: [rajani] [2.0.5] Hide passwords featureIn reply to
I spoke with Alex about this also but it is not that they don't have interest in it. Some of the incoming mail modes require sending a plain text password to a pop3 server. If you want to encrypt the passwords, I think you are limited to shared pop3 for incoming messages.
I did encrypt passwords on a test version and it worked great. Once the new template version is released and stable, I will convert our live version.
I would also like to see this as an option in the admin but I can see one major drawback to it. Once you convert the passwords, there is no going back. I can see this causing problems with people who don't like to read the directions till something is broken (me).
Re: [wickedmoon] [2.0.5] Hide passwords featureIn reply to
Hi,
Charlie summed it up great. Basically if you want to use real pop accounts to store your mail, and not a shared catchall, then the passwords can not be encrypted, as the POP protocol requires sending clear text passwords.