Re: Displaying customer passwords to admin
I have to agree with carpeperdiem. In-fact I don't even agree with the fact that the passwords in X-Cart by default use a method that allows the passwords to even be decrypted. We re-wrote our system to use a one-way SHA512 hash for all passwords that way there's no way to access them or retrieve them (customers are required to reset them).
|