Encrypt passwords for the users so Admins are only able to reset, not export a plain txt list.
We do use the ability to export all the passwords occasionally (in Webadmin), but every time we do it, it just feels like a vulnerability waiting to be exploited. Seems so 2007. I would prefer to see passwords on lockdown.
MDaemon 13.5.0 has been updated to not include passwords when exporting account information from WebAdmin.
I fully agree with Allan Jensen
Allan Jensen commented
I do not think this is a good idea. My users often forget their mailpasswords, and by resetting it we will have to change it on all devices they use. Mobil phones, tablets computers etc.
At least make it an option