We are using a Moodle Partner to provide a customised Moodle platform. The first issue that we have is that the SMTP outgoing email server password is completely visible to all administrators. All they need to do is click the eye icon. The SMTP server we use provides email relay for many of our corporate activities, and we don't really want to share these passwords with anyone. Please tell me there is a better way here?
Surely this should be encrypted at rest, and not simply accessible to anyone who passes through. Even administrators should not be able to simply uncover this at will. If they can, and this "feature" cannot be disabled, then this is very concerning.