Quote:
Originally Posted by SethM
IMO that would be just as bad as storing the user's password in the clear. User passwords should be one-way hashed, never encrypted (which is reversible).
|
Ideally, yes. But login credentials to third-party SMTP servers must be available in plain text whenever the user tries to use the corresponding identity, so you can't hash them with an irreversible one-way algorithm.
Still, reversible encryption would thwart a lot of potential attackers, so it has some value. Since data at rest (on disk) is now protected with a password that isn't stored in plain text in the first place, an attacker who wants to see plain-text credentials faces the much more difficult task of capturing them just as they are being decrypted (in RAM). Security isn't all or nothing. Just because you can't protect against every attack doesn't mean you don't need to protect against some attacks.
But again, this is just something I'd put at the bottom of a very long wishlist. I would
not hold it against any e-mail service provider if they didn't encrypt login credentials to third-party SMTP servers. Polarismail is a very competent company and I trust that they can keep their servers out of harm's way.