Enhanced Security Mode

The enhanced security mode protects the sensitive data stored in the Plesk database. The feature is enabled by default on Plesk installations version 11 and later. If you upgrade from an earlier Plesk version, we recommend you to enable the enhanced security mode after upgrading.

To enable the enhanced security mode, go to Tools & Settings > Security Policy.

Security_Policy

Note that this operation cannot be undone. Enabling the enhanced security mode results in the following changes:

  • All passwords stored in the Plesk database are encrypted using the Plesk secret key. This way, even if a third party obtains a dump of the Plesk database, your customers are not compromised.
  • Sensitive data (for example, user passwords) cannot be retrieved using the Plesk API.
  • Password recovery emails no longer contain the password in plaintext. A link to the password reset form is sent instead.

Note: If you use Odin Business Automation Standard (OBAs) as an accompanying billing solution, the enhanced security mode should be turned on.

 

Leave your comments on this page

Leave your feedback or question on this documentation topic below. For technical assistance, contact your hosting service provider or submit a request to Plesk support. Suggest new features for Plesk here. Discuss general questions on the Plesk forum. All offtopic comments will be removed.