Password Encryption

2 posts by 2 authors in: Forums > CMS Builder
Last Post: August 8, 2017 (RSS)

Archived
Reply
Reply

By dlsweb - August 2, 2017

I am concerned that a member may not receive their password through the automated email.
Is it possible NOT to encrypt passwords when storing in database
or to be able to view as plain text password in the user accounts?

Thanks, Larry

Archived
Reply
Reply

By Dave - August 8, 2017

Hi Larry,

For security, we've moved away from storing plaintext passwords. If users didn't receive their password they should still be able to use the password forgotten/reset link to get it again. Or alternatively, if you wanted to tell them their password you could manually reset it to something else and then tell them.

We don't recommend storing plaintext passwords, but one way to do that would be to add a field "password_plaintext" and write a plugin that updates that field every time a user successfully logs in or a new user account is created.

Hope that helps!

Dave Edis - Senior Developer
interactivetools.com