Just curious to see if it would be feasible to store the email account password not so plainly? Maybe add a dash of hashing? That would be for the emails listed in /Admin/EmailAccount/List/
Right, anything should be better then saving in plain text correct? As long as someone can not simply see the password by peeking inside the DB would be advantageous I think...
If you want you can encrypted the password when the email record is saved Then decrypted the password when you read the email record from the database Have a look at the routines in EmailAccountService in nopCommerce_4_Source\src\Libraries\Nop.Services\Messages\EmailAccountService.cs
Just curious to see if it would be feasible to store the email account password not so plainly? Maybe add a dash of hashing? That would be for the emails listed in /Admin/EmailAccount/List/
It's surprising and concerning that nopCommerce isn't taking precautions to secure passwords stored in the database. It does so for the Customers table but not the email accounts. Why not?
However, they need to consider that many store owners use third party vendors to support them. (And if the DB is hosted, then the hosting company staff could have access to DB too).
This topic was automatically closed 365 days after the last reply. New replies are no longer allowed.
Vous avez encore des questions ou avez besoin d'aide?