I see that by default the passwords in ispconfig are stored in crypt-md5 format in the database. My concern is mainly for mail passwords. The crypt-md5 requires that the password is sent in clear over the line, and this means relying on other layers of protection (ssl/tls). In many cases, the users are "ignorant" and thus they use plain text passwords over unencrypted channels. This being airport wifi hotspots, rogue links etc etc. It would be wise to allow for plain-text storage of passwords in the database, and the use of challenge-response authentication mechanisms (like cram-md5 etc), as used in most newer protocols (voip for example). IMHO it's more likely to have passwords stolen from the line, rather having a server hacked and passwords stolen from there. Is there a way to configure ispconfig to store the plain passwords instead of the crypted ones?