Hi,
We know that this is pretty odd, that some kinds of passwords are stored in plain text. We have to store this password in a form that is readable to EPESI, because EPESI acts as a client and needs to use this password. With RoundCube there is a similar situation.
The main difference is that an encrypted password is not human-readable, which may be the preferred situation to hide passwords from admins. But these passwords will always be recoverable for the reason mentioned earlier. So a curious admin can always read your password.
The best we can achieve is to encrypt passwords with a unique key stored in the /data directory. In such a situation, to decrypt stored passwords, you have to have access to the database and the files.
And that's what we're going to do! We have an idea to create an EPESI keystore to hold encrypted passwords in one place.
If you want to help us, we're migrating to GitHub and any pull requests are welcome 🙂
Regards,
Adam
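
The approach described in the post above, as an added example that is not part of the original post or EPESI's own code: a per-installation key lives in a file, and only the ciphertext goes into the database. It assumes PHP 7.2+ with the sodium extension; the function names and the key file path are hypothetical.

```php
<?php
// Added example, not EPESI code. Function names and the key path are hypothetical.

// Load the key from the data directory, creating it on first use.
function keystore_load_key(string $keyFile): string {
    if (!is_file($keyFile)) {
        $key = sodium_crypto_secretbox_keygen();
        $old = umask(0077);              // new file is owner-only on POSIX systems
        $fh = fopen($keyFile, 'x');      // 'x' refuses to overwrite an existing key
        umask($old);
        if ($fh === false) throw new RuntimeException('cannot create key file');
        fwrite($fh, sodium_bin2hex($key));
        fclose($fh);
        return $key;
    }
    $key = sodium_hex2bin(trim(file_get_contents($keyFile)));
    if (strlen($key) !== SODIUM_CRYPTO_SECRETBOX_KEYBYTES) {
        throw new RuntimeException('key file has wrong length');
    }
    return $key;
}

// Value for the database column: base64(nonce || ciphertext with MAC).
function keystore_encrypt(string $password, string $key): string {
    $nonce = random_bytes(SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
    return base64_encode($nonce . sodium_crypto_secretbox($password, $nonce, $key));
}

// Recover the password; fails closed on a wrong key or a modified value.
function keystore_decrypt(string $stored, string $key): string {
    $raw = base64_decode($stored, true);
    $min = SODIUM_CRYPTO_SECRETBOX_NONCEBYTES + SODIUM_CRYPTO_SECRETBOX_MACBYTES;
    if ($raw === false || strlen($raw) < $min) {
        throw new RuntimeException('malformed stored value');
    }
    $nonce = substr($raw, 0, SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
    $plain = sodium_crypto_secretbox_open(substr($raw, SODIUM_CRYPTO_SECRETBOX_NONCEBYTES), $nonce, $key);
    if ($plain === false) {
        throw new RuntimeException('wrong key or tampered ciphertext');
    }
    return $plain;
}

// Demo with a constructed password and a key file in the temp directory.
$key = keystore_load_key(sys_get_temp_dir() . '/keystore_demo.key');
$stored = keystore_encrypt('constructed-mail-password', $key);
echo $stored, "\n";                          // what the database would hold
echo keystore_decrypt($stored, $key), "\n";  // what the mail client code gets back
```

A database dump alone yields only the base64 values; anyone who can read both the database and the key file can still decrypt them, as the post says.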