Open streamcoindev opened 6 years ago
I know, I've been kicking around a good way to approach this for a while. Unfortunately I'm not coming up with anything because it's an external server being authenticated against. I can't send a hash over because it would just get re-hashed on the mail server side, so I unfortunately don't see any way to store this that wouldn't involve ultimately decrypting it and sending it as plain text anyway. And if they have access to your database, they'll likely have access to your code base as well to be able to find the hashing key, so yeah. I admit that's not good.
I'm planning on adding additional mail methods in the near future, so hopefully I'll be able to figure out a betters strategy to tackle this problem.
Will this be changed in the future ?