Hi all
When i login with winbox to mikrotik Routerboard, and run "ppp secert print", i see the VPN users password show clearly!! can we disable this, i think it is Security issue.
Re: PPP secert Password [SOLVED]
In a word, no.
Some encryption algorithms (notably CHAP) require the plaintext password so PPP secrets (for servers), passwords for VPN/PPPoE clients, wireless PSKs, etc. are all stored as plain text in the configuration file.
Only trusted administrators should have full access to the Mikrotik. When using Winbox the 'Hide Passwords' option replaces the text with * to prevent casual observation, from the command line the configuration can be exported without password, etc., using '/export hide-sensitive'.
You can also create additional Mikrotik logins with fewer permissions, for example to allow support staff access for monitoring purposes but not see sensitive information.
Some encryption algorithms (notably CHAP) require the plaintext password so PPP secrets (for servers), passwords for VPN/PPPoE clients, wireless PSKs, etc. are all stored as plain text in the configuration file.
Only trusted administrators should have full access to the Mikrotik. When using Winbox the 'Hide Passwords' option replaces the text with * to prevent casual observation, from the command line the configuration can be exported without password, etc., using '/export hide-sensitive'.
You can also create additional Mikrotik logins with fewer permissions, for example to allow support staff access for monitoring purposes but not see sensitive information.