Title: Terrible security practice
Last modified: March 14, 2021

---

# Terrible security practice

 *  [weetabix](https://wordpress.org/support/users/weetabix/)
 * (@weetabix)
 * [5 years, 3 months ago](https://wordpress.org/support/topic/terrible-security-practice/)
 * Bucket keys/info are stored in plain view in the database of each child-site 
   and are common amongst all children from the mainwp dashboard settings.
 * This means that if someone gets access to one of your clients sites and are able
   to read the wp_options table, they have access to all the backups of the other
   mainwp children sites.
 * This need to be rethought.
 * I commend the ease of use, but this is just a no go for security reasons.

Viewing 2 replies - 1 through 2 (of 2 total)

 *  Plugin Support [tonyrobins](https://wordpress.org/support/users/tonyrobins/)
 * (@tonyrobins)
 * [5 years, 2 months ago](https://wordpress.org/support/topic/terrible-security-practice/#post-14182358)
 * Hi [@weetabix](https://wordpress.org/support/users/weetabix/)
 * Thanks for pointing this out.
 * Actually we are preparing a new version where the storage credentials will be
   encrypted in the database.
 * The new version should be ready in the next 24 hours(around) and I am going to
   let you know once it’s live.
 * Cheers,
 * WPvivid Team
 *  Plugin Support [tonyrobins](https://wordpress.org/support/users/tonyrobins/)
 * (@tonyrobins)
 * [5 years, 2 months ago](https://wordpress.org/support/topic/terrible-security-practice/#post-14189294)
 * Hi [@weetabix](https://wordpress.org/support/users/weetabix/)
 * Just a quick update,
 * As mentioned earlier, we have released a new version of the extension – 0.9.15
   where the storage credentials have been encrypted in the database.
 * Please update the extension and check it out. And many thanks again for helping
   make the plugin better!
 * All the best,
 * WPvivid Team

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘Terrible security practice’ is closed to new replies.

 * ![](https://ps.w.org/wpvivid-backup-mainwp/assets/icon-256x256.png?rev=2910231)
 * [WPvivid Backup for MainWP](https://wordpress.org/plugins/wpvivid-backup-mainwp/)
 * [Support Threads](https://wordpress.org/support/plugin/wpvivid-backup-mainwp/)
 * [Active Topics](https://wordpress.org/support/plugin/wpvivid-backup-mainwp/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/wpvivid-backup-mainwp/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/wpvivid-backup-mainwp/reviews/)

 * 2 replies
 * 2 participants
 * Last reply from: [tonyrobins](https://wordpress.org/support/users/tonyrobins/)
 * Last activity: [5 years, 2 months ago](https://wordpress.org/support/topic/terrible-security-practice/#post-14189294)