We can see the password is stored in clear text under config.php
Any plan to store the password(s) in encrypted text?
Regards,
Judhi
Thanks @judhip
That’s already built for version 5.
That said, as long as nobody has access to your server via SFTP or another connection, then the current version will not be an issue as that config.php file is never printed in the site’s HTML or a text file so it’s unreadable, accept for the site admin.
This password encryption (salting and hashing) was added in Pulse5 - including no longer placing the password in plain text in the config.php - it’s not stored there anymore.