Welcome to the Question2Answer Q&A. There's also a demo if you just want to try it out.
+3 votes
722 views
in Q2A Core by
The smtp_password is stored as a plain text password in qa_options table. Is this normal or a security risk?
Q2A version: 1.7.4

2 Answers

+2 votes
by
selected by
 
Best answer
That's a fair question. I think it's a different situation to users' passwords, because those should be hidden from everyone including admins. Plus users may use the same password on different sites. If the db is breached then you've given away full details of all your users, as opposed to just one email login that you can change.

In some ways, storing the email password in the db is not much different from storing it in a config file (like the db details are currently). But with the config file there is the opportunity to add extra security (like using environment variables which I believe are considered best practice these days).

So I think it would make sense to allow the email settings to be defined in the config. I'll look into doing that.
+2 votes
by
I think it is normal. When using SMTP server, some authentication protocol is required. Usually, encrypted data is irreversible. We can not decript it. Therefore, password is stored in the database without being encrypted. Q2A seems to use LOGIN authentication type. In this type, password encoded with Base64 is sent to the transmission line. This is not dangerous, but it is also not safe. We should consider to use CRAM-MD5 that does not send passwords to the transmission line.
...