1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

XF 1.4 Conversations (PM) Privacy

Discussion in 'XenForo Questions and Support' started by sgr, Apr 27, 2015.

  1. sgr

    sgr Active Member


    Looks like all conversations are stored unencrypted inside the database, and whoever has access to the database can read them.

    Is there an option to encrypt them, in order to enhance the privacy on a forum?

    I haven't used other forum softwares (IPB/VB), but is it like this in them too (PMs stored unencrypted)?
  2. Brogan

    Brogan XenForo Moderator Staff Member

    There is no configurable option to encrypt that content.

    If I remember rightly, phpBB also stores it in plain text.
    I can't comment on any other scripts as I haven't used them.
  3. Jeremy

    Jeremy Well-Known Member

    vBulletin stores them unencrypted too. Pretty standard practice and I don't know of a software that attempts to hide them in the database.
  4. Alfa1

    Alfa1 Well-Known Member

    Only the administrators and host theoretically have access to conversations in the database. In practise there are very few administrators that actually go into the database to search them.
    However, in case of unlawful activity, rules breaches or abuse its wise to have access to conversations, so that you can deal with it when needed.
    sgr and Amaury like this.
  5. Daniel Hood

    Daniel Hood Well-Known Member

    Encrypting them in the database would be kind of pointless. In most cases, people that have access to the database would also have access to the file system which would leave them with the ability to get the code to decrypt them (since you would have to be able to decrypt them to show the members). The reason passwords can be encrypted is because there is no need to get them back into plain text anywhere.
    sgr and Amaury like this.
  6. sgr

    sgr Active Member

    Yeah. Good point.
    Daniel Hood likes this.

Share This Page