Ideas

Give us your best ideas!

Passwords should not be sent in plain text

The current default implementation in the Accelerator is that if a customer chooses to have an account created when placing an order, an email containing the password in plain text is sent to the registered email address.

Even though it's possible to replace this implementation, the default one in the Accelerator should offer a higher level of security by using a different flow, for example a one-time use link.

  • Nils Nyman
  • Jun 4 2020
  • Shipped
  • Attach files
      Drop here to upload
    • Sami Grahn commented
      December 10, 2021 08:48

      Great news!

    • Admin
      Ludvig Block commented
      December 10, 2021 08:46

      This ability was shipped in version 8.1.