Passwords should not be sent in plain text

The current default implementation in the Accelerator is that if a customer chooses to have an account created when placing an order, an email containing the password in plain text is sent to the registered email address.

Even though it's possible to replace this implementation, the default one in the Accelerator should offer a higher level of security by using a different flow, for example a one-time use link.

Nils Nyman
Jun 4 2020
Shipped

Accelerator MVC

Comments (2)
Votes (17)

Attach files

Enter a subject

Sami Grahn commented

December 10, 2021 08:48

Great news!

×
Attachments Open full size
Admin

Ludvig Block commented

December 10, 2021 08:46

This ability was shipped in version 8.1.

×
Attachments Open full size

Ideas

Give us your best ideas!

Passwords should not be sent in plain text

Related ideas

Passwords should not be sent in plain text

Attachments Open full size

Attachments Open full size

Identify yourself with your email address

Related ideas