Skip to main content

Checkup Documentation

Users with plain text passwords

severity-critical cms-user-plain-text-passwords


In this age of security breaches, you want to do everything you can to protect your users. While not best practice, many users use the same username and password for multiple sites. So even if your site does not contain sensitive data, your users may still be at risk. They may be using that same username/password on a site that DOES contain sensitive data. Hackers know this and take advantage of this. While we hope your organization never has a data breach, we want to ensure your users are protected.

This check reviews your users to see if any of them are set to use plain text passwords. 

Check Logic

Constant Care for Kentico will ensure the Number of users with plain text passwords is no more than 0 (default)

You can manage your settings for this checkup in the Constant Care for Kentico admin settings.


If your system does have users that have plain text passwords, you will want to ask them to reset their password (after you have fixed your possible password format issue).

Not sure what to do?

If you are ever unsure about making changes to your site, we encourage you to reach out to your Kentico Xperience Gold Partner. If you do not have a partner, then feel free contact the Constant Care For Kentico team to get connected with an expert.