Password Security


New Member
In setting up NLM, the settings file requires the site's admin login ID and password to be placed in the file in ASCII text. That to me seems like a security risk. In the event that someone gained entry to the site and was snooping around they might discovered this file. Then they'd have complete access to change anything. What am I missing?

Also, I assume the mySQL ID and password can be different than the admin ID and password in the settings file. When does this mySQL ID get used? Is that the one I need to put into my php templates or is it the admin ID?


Staff member
Admin ID and password are for MaxBulk Mailer to run MLM only. They are in a separate file just to increment security. To still your data a user should have stolen your FTP data first.

Indeed that ID/password has nothing to do with your mySQL data. The mySQL data has to be set with mySQL first.