Welcome to the Question2Answer Q&A. There's also a demo if you just want to try it out.

Is it ok for smtp_password to be stored as plain text password in qa_options table?

+3 votes
75 views
asked May 13 in Q2A Core by delstone
The smtp_password is stored as a plain text password in qa_options table. Is this normal or a security risk?
Q2A version: 1.7.4

2 Answers

+2 votes
answered May 22 by Scott
selected May 22 by delstone
 
Best answer
That's a fair question. I think it's a different situation to users' passwords, because those should be hidden from everyone including admins. Plus users may use the same password on different sites. If the db is breached then you've given away full details of all your users, as opposed to just one email login that you can change.

In some ways, storing the email password in the db is not much different from storing it in a config file (like the db details are currently). But with the config file there is the opportunity to add extra security (like using environment variables which I believe are considered best practice these days).

So I think it would make sense to allow the email settings to be defined in the config. I'll look into doing that.
+2 votes
answered May 22 by sama55
I think it is normal. When using SMTP server, some authentication protocol is required. Usually, encrypted data is irreversible. We can not decript it. Therefore, password is stored in the database without being encrypted. Q2A seems to use LOGIN authentication type. In this type, password encoded with Base64 is sent to the transmission line. This is not dangerous, but it is also not safe. We should consider to use CRAM-MD5 that does not send passwords to the transmission line.
...