I think that this feature should be at least disabled by default because it's a bad policy even for administrators to view user passwords.
Wanted to point out that some people re-use passwords and having a third party viewing their password could compromise their other accounts.

Comments

EvanDonovan’s picture

EvanDonovan CreditAttribution: EvanDonovan commented
Title: Have aes_convert default to false » Have aes_convert default to false - 7.x-1.6 blocker

I would agree with this. I'll put into the next release.

dpovshed’s picture

dpovshed CreditAttribution: dpovshed commented
Issue summary: View changes
Status: Active » Closed (duplicate)

Fixed in #1968496: Don't enable AES password by default .