Title: Security concern Last modified: August 16, 2020 --- # Security concern * Resolved [laetitiad](https://wordpress.org/support/users/laetitiad/) * (@laetitiad) * [5 years, 10 months ago](https://wordpress.org/support/topic/security-concern-9/) * Hi, * First of all, thank you very much for this plugin, it works great! * I have a question about security. When using the login API, the data returned contains a lot of informations, e.g the ‘data’ object has the user_pass hashed in it. I find this quite concerning, as I believe the user pass should not be transmitted in any way, hashed or not. * What do you think? * Thanks in advance * Laetitiad - This topic was modified 5 years, 10 months ago by [laetitiad](https://wordpress.org/support/users/laetitiad/). - This topic was modified 5 years, 10 months ago by [laetitiad](https://wordpress.org/support/users/laetitiad/). Viewing 3 replies - 1 through 3 (of 3 total) * Plugin Author [michielve](https://wordpress.org/support/users/michielve/) * (@michielve) * [5 years, 10 months ago](https://wordpress.org/support/topic/security-concern-9/#post-13264515) * Hi, * I think you have a point about the hashed password. It’s of no use so why return it. If I have time I’ll look into this and remove it from the response. * If you have other fields you think are not safe to return, please let me know! * Best wishes, Michiel * Plugin Author [michielve](https://wordpress.org/support/users/michielve/) * (@michielve) * [5 years, 9 months ago](https://wordpress.org/support/topic/security-concern-9/#post-13277046) * Hi, * I’ve released a new version (20200818) and now the `user_pass` is removed from the returned user. Thanks for letting me know! * Best wishes, Michiel * Thread Starter [laetitiad](https://wordpress.org/support/users/laetitiad/) * (@laetitiad) * [5 years, 9 months ago](https://wordpress.org/support/topic/security-concern-9/#post-13280190) * Wow, thank you very much for the quick fix! * If there is another field that doesn’t look appropriate, i’ll let you know… so far it seems okay 🙂 * Thanks again for the nice plugin and support * Have a nice day * Laetitiad Viewing 3 replies - 1 through 3 (of 3 total) The topic ‘Security concern’ is closed to new replies. * ![](https://s.w.org/plugins/geopattern-icon/api-bearer-auth.svg) * [API Bearer Auth](https://wordpress.org/plugins/api-bearer-auth/) * [Frequently Asked Questions](https://wordpress.org/plugins/api-bearer-auth/#faq) * [Support Threads](https://wordpress.org/support/plugin/api-bearer-auth/) * [Active Topics](https://wordpress.org/support/plugin/api-bearer-auth/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/api-bearer-auth/unresolved/) * [Reviews](https://wordpress.org/support/plugin/api-bearer-auth/reviews/) * 3 replies * 2 participants * Last reply from: [laetitiad](https://wordpress.org/support/users/laetitiad/) * Last activity: [5 years, 9 months ago](https://wordpress.org/support/topic/security-concern-9/#post-13280190) * Status: resolved