Securepay Payment plugin database table

Hi Tuan,
we have purchased Membership pro, and the Securepay payment plugin.

After inputting my securepay login and password, I happened to open up my database tables. and in the
xxxx_osmembership_plugins table, under the os_securepay row, I was distressed to find the my login and password
to securepay has been stored as plain text in the params column. yikes.

Now.. Seriously????
Are we to believe that storing a plaintext password that can access payment gateway system that controls virtually unlimited amounts of money from our financial institution is a good idea?

I have been a programmer for many years, and although there is no BULLETproof way to store that info, couldn't it at least be obfuscated or encoded somehow? I could do a simple RSA encryption class and excode it byte-by-btye.. I realize there is no way to protect my access method given that PHP is a open source files kind of setup.. but I know I could sure at least make it VERY HARD for someone to figure out how I was encoding/decoding..

Hi Sheila

At the moment, yes, that information is stored as plain text in database and I agree that it's not safe in case someone hack the site and got the database

I will try to find a way encrypt/decrypt that data sometime next week (I am sick at the moment and will need about one week to get recovered)

Hope that's OK for you

Regards,

Tuan