This feature does seem to generate a lot of interest! Since ROS is basically Linux, the security mechanisms in Linux can be used? Am I seeing this wrong? Linux password are stored pretty secure since they contain a salt. Don't know the details like usual:)

Any word from Mikrotik?

Or is it safe to assume that nothing is going to happen surrounding this issue?

hmmm still no reply... thats sad

Can someone at mikrotik please look into this and give a proper explanation as to why this cannot be done?

Can someone at mikrotik please look into this and give a proper explanation as to why this cannot be done?

because it's not important =) you should just lock your router in the steel safe - and all those problems are gone away

because it's not important =) you should just lock your router in the steel safe - and all those problems are gone away

LOL, sure if it was 1 rb... but on 600 nodes?!

use unique password for each RB, as it was said =)

use unique password for each RB, as it was said =)

perhaps ill just have to write my own winbox... download all the dll's off the rb's try & load them and see how it goes... If i have my own winbox password management system with filters & everything so I can display certain groups of nodes, I dont have a problem with 600 entries in my winbox db Right now, anyone can open up your winbox config file and see yet again your plain text passwords...

Wow. I must say, the complete lack of response from Mikrotik on this issue is getting to me.

@Mikrotik: How hard would it be to start supporting hashed passwords, as an optional setting by the user. I am happy if this breaks The Dude, BW monitor, API, etc, because what I want is to create a "root" user on the router that I can use in the even that Radius is down.

I will create a Radius user to use with The Dude, API, BW test, etc. At least that way nobody can steal my root password, and I can still use all the features (when using the Radius user).

And no, the sick and stupid responses of "use 400 different passwords" and "keep your backup safe" are not helping.

*Bump* Any updates?

Can mikrotik please sort this problem? Im even willing to put in development time just to get this security hole fixed!! Please let me know how I can help with this problem!!

This is not a security hole. It's your own choice to use a more secure method to connect to your router.

Use SSH with Key authentication instead of Winbox or use IPsec (or SSTP) tunnel before connecting with Winbox if you don't want command line.