The enhanced security mode protects the sensitive data stored in the Plesk database. The feature is enabled by default on Plesk installations version 11 and later. If you upgrade from an earlier Plesk version, we recommend you to enable the enhanced security mode after upgrading.
To enable the enhanced security mode, go to Tools & Settings > Security Policy.
Note that this operation cannot be undone. Enabling the enhanced security mode results in the following changes:
- All passwords stored in the Plesk database are encrypted using the Plesk secret key. This way, even if a third party obtains a dump of the Plesk database, your customers are not compromised.
- Sensitive data (for example, user passwords) cannot be retrieved using the Plesk API.
- Password recovery emails no longer contain the password in plaintext. A link to the password reset form is sent instead.
Note: If you use Odin Business Automation Standard (OBAs) as an accompanying billing solution, the enhanced security mode should be turned on.