Password in clear text?
Moderators: Chris Corbyn, General Moderators
Password in clear text?
Setting up SMTP authentication requires both a "username" and "password" for a SMTP server. While the "username" doesn't present a problem do people put the "password" into their PHP source file? What ways, if any, are there around this as this seems like a security problem?
- Chris Corbyn
- Breakbeat Nuttzer
- Posts: 13098
- Joined: Wed Mar 24, 2004 7:57 am
- Location: Melbourne, Australia
Re: Password in clear text?
It's just the same issue as putting a MySQL username and password in a PHP file. If someone has access to your server to read such PHP source code you have bigger issues. Putting it outside the web root will help 
Re: Password in clear text?
Thanks. It probably also wise to have a unique username/password just for email access so no personal accounts get compromised